{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"High" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"kernel security update", "category":"general", "title":"Synopsis" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "category":"general", "title":"Summary" }, { "text":"The Linux Kernel, the operating system core itself.\n\nSecurity Fix(es):\n\nIn the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected, cpu_max_bits_warn() generates a runtime warning similar as below when showing /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit) instead of NR_CPUS to iterate CPUs. [ 3.052463] ------------[ cut here ]------------ [ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0 [ 3.070072] Modules linked in: efivarfs autofs4 [ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052 [ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000 [ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430 [ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff [ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890 [ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa [ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000 [ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000 [ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000 [ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286 [ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c [ 3.195868] ... [ 3.199917] Call Trace: [ 3.203941] [<90000000002086d8>] show_stack+0x38/0x14c [ 3.210666] [<9000000000cf846c>] dump_stack_lvl+0x60/0x88 [ 3.217625] [<900000000023d268>] __warn+0xd0/0x100 [ 3.223958] [<9000000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc [ 3.231150] [<9000000000210220>] show_cpuinfo+0x5e8/0x5f0 [ 3.238080] [<90000000004f578c>] seq_read_iter+0x354/0x4b4 [ 3.245098] [<90000000004c2e90>] new_sync_read+0x17c/0x1c4 [ 3.252114] [<90000000004c5174>] vfs_read+0x138/0x1d0 [ 3.258694] [<90000000004c55f8>] ksys_read+0x70/0x100 [ 3.265265] [<9000000000cfde9c>] do_syscall+0x7c/0x94 [ 3.271820] [<9000000000202fe4>] handle_syscall+0xc4/0x160 [ 3.281824] ---[ end trace 8b484262b4b8c24c ]---(CVE-2022-49034)\n\nIn the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - inject error before stopping queue The master ooo cannot be completely closed when the accelerator core reports memory error. Therefore, the driver needs to inject the qm error to close the master ooo. Currently, the qm error is injected after stopping queue, memory may be released immediately after stopping queue, causing the device to access the released memory. Therefore, error is injected to close master ooo before stopping queue to ensure that the device does not access the released memory.(CVE-2024-47730)\n\nIn the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check null pointers before using dc->clk_mgr [WHY & HOW] dc->clk_mgr is null checked previously in the same function, indicating it might be null. Passing \"dc\" to \"dc->hwss.apply_idle_power_optimizations\", which dereferences null \"dc->clk_mgr\". (The function pointer resolves to \"dcn35_apply_idle_power_optimizations\".) This fixes 1 FORWARD_NULL issue reported by Coverity.(CVE-2024-49907)\n\nIn the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix error path in multi-packet WQE transmit Remove the erroneous unmap in case no DMA mapping was established The multi-packet WQE transmit code attempts to obtain a DMA mapping for the skb. This could fail, e.g. under memory pressure, when the IOMMU driver just can't allocate more memory for page tables. While the code tries to handle this in the path below the err_unmap label it erroneously unmaps one entry from the sq's FIFO list of active mappings. Since the current map attempt failed this unmap is removing some random DMA mapping that might still be required. If the PCI function now presents that IOVA, the IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI function in error state. The erroneous behavior was seen in a stress-test environment that created memory pressure.(CVE-2024-50001)\n\nIn the Linux kernel, the following vulnerability has been resolved: net: phy: dp83869: fix memory corruption when enabling fiber When configuring the fiber port, the DP83869 PHY driver incorrectly calls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit number (10). This corrupts some other memory location -- in case of arm64 the priv pointer in the same structure. Since the advertising flags are updated from supported at the end of the function the incorrect line isn't needed at all and can be removed.(CVE-2024-50188)\n\nIn the Linux kernel, the following vulnerability has been resolved: staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() In the ad9832_write_frequency() function, clk_get_rate() might return 0. This can lead to a division by zero when calling ad9832_calc_freqreg(). The check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect against the case when fout is 0. The ad9832_write_frequency() function is called from ad9832_write(), and fout is derived from a text buffer, which can contain any value.(CVE-2024-50233)\n\nIn the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans During loopback communication, a dangling pointer can be created in vsk->trans, potentially leading to a Use-After-Free condition. This issue is resolved by initializing vsk->trans to NULL.(CVE-2024-50264)\n\nIn the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is >= U32_MAX - 3 then the \"length + 4\" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decode_cb_compound4res() does not have to perform arithmetic on the unsafe length value.(CVE-2024-53146)\n\nIn the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal to the cluster size, if start_clu becomes an EOF cluster(an invalid cluster) due to file system corruption, then the directory entry where ei->hint_femp.eidx hint is outside the directory, resulting in an out-of-bounds access, which may cause further file system corruption. This commit adds a check for start_clu, if it is an invalid cluster, the file or directory will be treated as empty.(CVE-2024-53147)\n\nIn the Linux kernel, the following vulnerability has been resolved: ocfs2: fix uninitialized value in ocfs2_file_read_iter() Syzbot has reported the following KMSAN splat: BUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80 ocfs2_file_read_iter+0x9a4/0xf80 __io_read+0x8d4/0x20f0 io_read+0x3e/0xf0 io_issue_sqe+0x42b/0x22c0 io_wq_submit_work+0xaf9/0xdc0 io_worker_handle_work+0xd13/0x2110 io_wq_worker+0x447/0x1410 ret_from_fork+0x6f/0x90 ret_from_fork_asm+0x1a/0x30 Uninit was created at: __alloc_pages_noprof+0x9a7/0xe00 alloc_pages_mpol_noprof+0x299/0x990 alloc_pages_noprof+0x1bf/0x1e0 allocate_slab+0x33a/0x1250 ___slab_alloc+0x12ef/0x35e0 kmem_cache_alloc_bulk_noprof+0x486/0x1330 __io_alloc_req_refill+0x84/0x560 io_submit_sqes+0x172f/0x2f30 __se_sys_io_uring_enter+0x406/0x41c0 __x64_sys_io_uring_enter+0x11f/0x1a0 x64_sys_call+0x2b54/0x3ba0 do_syscall_64+0xcd/0x1e0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Since an instance of 'struct kiocb' may be passed from the block layer with 'private' field uninitialized, introduce 'ocfs2_iocb_init_rw_locked()' and use it from where 'ocfs2_dio_end_io()' might take care, i.e. in 'ocfs2_file_read_iter()' and 'ocfs2_file_write_iter()'.(CVE-2024-53155)\n\nIn the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() This loop is supposed to break if the frequency returned from clk_round_rate() is the same as on the previous iteration. However, that check doesn't make sense on the first iteration through the loop. It leads to reading before the start of these->clk_perf_tbl[] array.(CVE-2024-53158)\n\nIn the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the \"get DIMM info\" SMC call consists of mem_ctrl_idx left-shifted 16 bits and OR-ed with DIMM index. With mem_ctrl_idx defined as 32-bits wide the left-shift operation truncates the upper 16 bits of information during the calculation of the SMC argument. The mem_ctrl_idx stack variable must be defined as 64-bits wide to prevent any potential integer overflow, i.e. loss of data from upper 16 bits.(CVE-2024-53161)\n\nIn the Linux kernel, the following vulnerability has been resolved: sh: intc: Fix use-after-free bug in register_intc_controller() In the error handling for this function, d is freed without ever removing it from intc_list which would lead to a use after free. To fix this, let's only add it to the list after everything has succeeded.(CVE-2024-53165)\n\nIn the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang Erkun reports that when two threads are opening files at the same time, and are forced to abort before a reply is seen, then the call to nfs_release_seqid() in nfs4_opendata_free() can result in a use-after-free of the pointer to the defunct rpc task of the other thread. The fix is to ensure that if the RPC call is aborted before the call to nfs_wait_on_sequence() is complete, then we must call nfs_release_seqid() in nfs4_open_release() before the rpc_task is freed.(CVE-2024-53173)\n\nIn the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses AES-128-CCM as the default cipher. See MS-SMB2 3.3.5.4. Commit b0abcd65ec54 (\"smb: client: fix UAF in async decryption\") added a @server->cipher_type check to conditionally call smb3_crypto_aead_allocate(), but that check would always be false as @server->cipher_type is unset for SMB3.02. Fix the following KASAN splat by setting @server->cipher_type for SMB3.02 as well. mount.cifs //srv/share /mnt -o vers=3.02,seal,... BUG: KASAN: null-ptr-deref in crypto_aead_setkey+0x2c/0x130 Read of size 8 at addr 0000000000000020 by task mount.cifs/1095 CPU: 1 UID: 0 PID: 1095 Comm: mount.cifs Not tainted 6.12.0 #1 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41 04/01/2014 Call Trace: dump_stack_lvl+0x5d/0x80 ? crypto_aead_setkey+0x2c/0x130 kasan_report+0xda/0x110 ? crypto_aead_setkey+0x2c/0x130 crypto_aead_setkey+0x2c/0x130 crypt_message+0x258/0xec0 [cifs] ? __asan_memset+0x23/0x50 ? __pfx_crypt_message+0x10/0x10 [cifs] ? mark_lock+0xb0/0x6a0 ? hlock_class+0x32/0xb0 ? mark_lock+0xb0/0x6a0 smb3_init_transform_rq+0x352/0x3f0 [cifs] ? lock_acquire.part.0+0xf4/0x2a0 smb_send_rqst+0x144/0x230 [cifs] ? __pfx_smb_send_rqst+0x10/0x10 [cifs] ? hlock_class+0x32/0xb0 ? smb2_setup_request+0x225/0x3a0 [cifs] ? __pfx_cifs_compound_last_callback+0x10/0x10 [cifs] compound_send_recv+0x59b/0x1140 [cifs] ? __pfx_compound_send_recv+0x10/0x10 [cifs] ? __create_object+0x5e/0x90 ? hlock_class+0x32/0xb0 ? do_raw_spin_unlock+0x9a/0xf0 cifs_send_recv+0x23/0x30 [cifs] SMB2_tcon+0x3ec/0xb30 [cifs] ? __pfx_SMB2_tcon+0x10/0x10 [cifs] ? lock_acquire.part.0+0xf4/0x2a0 ? __pfx_lock_release+0x10/0x10 ? do_raw_spin_trylock+0xc6/0x120 ? lock_acquire+0x3f/0x90 ? _get_xid+0x16/0xd0 [cifs] ? __pfx_SMB2_tcon+0x10/0x10 [cifs] ? cifs_get_smb_ses+0xcdd/0x10a0 [cifs] cifs_get_smb_ses+0xcdd/0x10a0 [cifs] ? __pfx_cifs_get_smb_ses+0x10/0x10 [cifs] ? cifs_get_tcp_session+0xaa0/0xca0 [cifs] cifs_mount_get_session+0x8a/0x210 [cifs] dfs_mount_share+0x1b0/0x11d0 [cifs] ? __pfx___lock_acquire+0x10/0x10 ? __pfx_dfs_mount_share+0x10/0x10 [cifs] ? lock_acquire.part.0+0xf4/0x2a0 ? find_held_lock+0x8a/0xa0 ? hlock_class+0x32/0xb0 ? lock_release+0x203/0x5d0 cifs_mount+0xb3/0x3d0 [cifs] ? do_raw_spin_trylock+0xc6/0x120 ? __pfx_cifs_mount+0x10/0x10 [cifs] ? lock_acquire+0x3f/0x90 ? find_nls+0x16/0xa0 ? smb3_update_mnt_flags+0x372/0x3b0 [cifs] cifs_smb3_do_mount+0x1e2/0xc80 [cifs] ? __pfx_vfs_parse_fs_string+0x10/0x10 ? __pfx_cifs_smb3_do_mount+0x10/0x10 [cifs] smb3_get_tree+0x1bf/0x330 [cifs] vfs_get_tree+0x4a/0x160 path_mount+0x3c1/0xfb0 ? kasan_quarantine_put+0xc7/0x1d0 ? __pfx_path_mount+0x10/0x10 ? kmem_cache_free+0x118/0x3e0 ? user_path_at+0x74/0xa0 __x64_sys_mount+0x1a6/0x1e0 ? __pfx___x64_sys_mount+0x10/0x10 ? mark_held_locks+0x1a/0x90 do_syscall_64+0xbb/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f(CVE-2024-53185)\n\nIn the Linux kernel, the following vulnerability has been resolved: io_uring: check for overflows in io_pin_pages WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller #0 Call Trace: __io_uaddr_map+0xfb/0x2d0 io_uring/memmap.c:183 io_rings_map io_uring/io_uring.c:2611 [inline] io_allocate_scq_urings+0x1c0/0x650 io_uring/io_uring.c:3470 io_uring_create+0x5b5/0xc00 io_uring/io_uring.c:3692 io_uring_setup io_uring/io_uring.c:3781 [inline] ... io_pin_pages()'s uaddr parameter came directly from the user and can be garbage. Don't just add size to it as it can overflow.(CVE-2024-53187)\n\nIn the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free of slot->bus on hot remove Dennis reports a boot crash on recent Lenovo laptops with a USB4 dock. Since commit 0fc70886569c (\"thunderbolt: Reset USB4 v2 host router\") and commit 59a54c5f3dbd (\"thunderbolt: Reset topology created by the boot firmware\"), USB4 v2 and v1 Host Routers are reset on probe of the thunderbolt driver. The reset clears the Presence Detect State and Data Link Layer Link Active bits at the USB4 Host Router's Root Port and thus causes hot removal of the dock. The crash occurs when pciehp is unbound from one of the dock's Downstream Ports: pciehp creates a pci_slot on bind and destroys it on unbind. The pci_slot contains a pointer to the pci_bus below the Downstream Port, but a reference on that pci_bus is never acquired. The pci_bus is destroyed before the pci_slot, so a use-after-free ensues when pci_slot_release() accesses slot->bus. In principle this should not happen because pci_stop_bus_device() unbinds pciehp (and therefore destroys the pci_slot) before the pci_bus is destroyed by pci_remove_bus_device(). However the stacktrace provided by Dennis shows that pciehp is unbound from pci_remove_bus_device() instead of pci_stop_bus_device(). To understand the significance of this, one needs to know that the PCI core uses a two step process to remove a portion of the hierarchy: It first unbinds all drivers in the sub-hierarchy in pci_stop_bus_device() and then actually removes the devices in pci_remove_bus_device(). There is no precaution to prevent driver binding in-between pci_stop_bus_device() and pci_remove_bus_device(). In Dennis' case, it seems removal of the hierarchy by pciehp races with driver binding by pci_bus_add_devices(). pciehp is bound to the Downstream Port after pci_stop_bus_device() has run, so it is unbound by pci_remove_bus_device() instead of pci_stop_bus_device(). Because the pci_bus has already been destroyed at that point, accesses to it result in a use-after-free. One might conclude that driver binding needs to be prevented after pci_stop_bus_device() has run. However it seems risky that pci_slot points to pci_bus without holding a reference. Solely relying on correct ordering of driver unbind versus pci_bus destruction is certainly not defensive programming. If pci_slot has a need to access data in pci_bus, it ought to acquire a reference. Amend pci_create_slot() accordingly. Dennis reports that the crash is not reproducible with this change. Abridged stacktrace: pcieport 0000:00:07.0: PME: Signaling with IRQ 156 pcieport 0000:00:07.0: pciehp: Slot #12 AttnBtn- PwrCtrl- MRL- AttnInd- PwrInd- HotPlug+ Surprise+ Interlock- NoCompl+ IbPresDis- LLActRep+ pci_bus 0000:20: dev 00, created physical slot 12 pcieport 0000:00:07.0: pciehp: Slot(12): Card not present ... pcieport 0000:21:02.0: pciehp: pcie_disable_notification: SLOTCTRL d8 write cmd 0 Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI CPU: 13 UID: 0 PID: 134 Comm: irq/156-pciehp Not tainted 6.11.0-devel+ #1 RIP: 0010:dev_driver_string+0x12/0x40 pci_destroy_slot pciehp_remove pcie_port_remove_service device_release_driver_internal bus_remove_device device_del device_unregister remove_iter device_for_each_child pcie_portdrv_remove pci_device_remove device_release_driver_internal bus_remove_device device_del pci_remove_bus_device (recursive invocation) pci_remove_bus_device pciehp_unconfigure_device pciehp_disable_slot pciehp_handle_presence_or_link_change pciehp_ist(CVE-2024-53194)\n\nIn the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration.(CVE-2024-53197)\n\nIn the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent NULL dereference in nfsd4_process_cb_update() @ses is initialized to NULL. If __nfsd4_find_backchannel() finds no available backchannel session, setup_callback_client() will try to dereference @ses and segfault.(CVE-2024-53217)\n\nIn the Linux kernel, the following vulnerability has been resolved: f2fs: fix race in concurrent f2fs_stop_gc_thread In my test case, concurrent calls to f2fs shutdown report the following stack trace: Oops: general protection fault, probably for non-canonical address 0xc6cfff63bb5513fc: 0000 [#1] PREEMPT SMP PTI CPU: 0 UID: 0 PID: 678 Comm: f2fs_rep_shutdo Not tainted 6.12.0-rc5-next-20241029-g6fb2fa9805c5-dirty #85 Call Trace: ? show_regs+0x8b/0xa0 ? __die_body+0x26/0xa0 ? die_addr+0x54/0x90 ? exc_general_protection+0x24b/0x5c0 ? asm_exc_general_protection+0x26/0x30 ? kthread_stop+0x46/0x390 f2fs_stop_gc_thread+0x6c/0x110 f2fs_do_shutdown+0x309/0x3a0 f2fs_ioc_shutdown+0x150/0x1c0 __f2fs_ioctl+0xffd/0x2ac0 f2fs_ioctl+0x76/0xe0 vfs_ioctl+0x23/0x60 __x64_sys_ioctl+0xce/0xf0 x64_sys_call+0x2b1b/0x4540 do_syscall_64+0xa7/0x240 entry_SYSCALL_64_after_hwframe+0x76/0x7e The root cause is a race condition in f2fs_stop_gc_thread() called from different f2fs shutdown paths: [CPU0] [CPU1] ---------------------- ----------------------- f2fs_stop_gc_thread f2fs_stop_gc_thread gc_th = sbi->gc_thread gc_th = sbi->gc_thread kfree(gc_th) sbi->gc_thread = NULL < gc_th != NULL > kthread_stop(gc_th->f2fs_gc_task) //UAF The commit c7f114d864ac (\"f2fs: fix to avoid use-after-free in f2fs_stop_gc_thread()\") attempted to fix this issue by using a read semaphore to prevent races between shutdown and remount threads, but it fails to prevent all race conditions. Fix it by converting to write lock of s_umount in f2fs_do_shutdown().(CVE-2024-53218)\n\nIn the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 404 at mm/page_alloc.c:4551 ...... Modules linked in: CPU: 1 PID: 404 Comm: insmod Not tainted 6.9.0-rc5+ #123 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ...... RIP: 0010:__alloc_pages+0x2bf/0x380 ...... Call Trace: ? __warn+0x8e/0x150 ? __alloc_pages+0x2bf/0x380 __kmalloc_large_node+0x86/0x160 __kmalloc+0x33c/0x480 virtio_fs_enqueue_req+0x240/0x6d0 virtio_fs_wake_pending_and_unlock+0x7f/0x190 queue_request_and_unlock+0x55/0x60 fuse_simple_request+0x152/0x2b0 fuse_direct_io+0x5d2/0x8c0 fuse_file_read_iter+0x121/0x160 __kernel_read+0x151/0x2d0 kernel_read+0x45/0x50 kernel_read_file+0x1a9/0x2a0 init_module_from_file+0x6a/0xe0 idempotent_init_module+0x175/0x230 __x64_sys_finit_module+0x5d/0xb0 x64_sys_call+0x1c3/0x9e0 do_syscall_64+0x3d/0xc0 entry_SYSCALL_64_after_hwframe+0x4b/0x53 ...... ---[ end trace 0000000000000000 ]--- The warning is triggered as follows: 1) syscall finit_module() handles the module insertion and it invokes kernel_read_file() to read the content of the module first. 2) kernel_read_file() allocates a 10MB buffer by using vmalloc() and passes it to kernel_read(). kernel_read() constructs a kvec iter by using iov_iter_kvec() and passes it to fuse_file_read_iter(). 3) virtio-fs disables the cache, so fuse_file_read_iter() invokes fuse_direct_io(). As for now, the maximal read size for kvec iter is only limited by fc->max_read. For virtio-fs, max_read is UINT_MAX, so fuse_direct_io() doesn't split the 10MB buffer. It saves the address and the size of the 10MB-sized buffer in out_args[0] of a fuse request and passes the fuse request to virtio_fs_wake_pending_and_unlock(). 4) virtio_fs_wake_pending_and_unlock() uses virtio_fs_enqueue_req() to queue the request. Because virtiofs need DMA-able address, so virtio_fs_enqueue_req() uses kmalloc() to allocate a bounce buffer for all fuse args, copies these args into the bounce buffer and passed the physical address of the bounce buffer to virtiofsd. The total length of these fuse args for the passed fuse request is about 10MB, so copy_args_to_argbuf() invokes kmalloc() with a 10MB size parameter and it triggers the warning in __alloc_pages(): if (WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp)) return NULL; 5) virtio_fs_enqueue_req() will retry the memory allocation in a kworker, but it won't help, because kmalloc() will always return NULL due to the abnormal size and finit_module() will hang forever. A feasible solution is to limit the value of max_read for virtio-fs, so the length passed to kmalloc() will be limited. However it will affect the maximal read size for normal read. And for virtio-fs write initiated from kernel, it has the similar problem but now there is no way to limit fc->max_write in kernel. So instead of limiting both the values of max_read and max_write in kernel, introducing use_pages_for_kvec_io in fuse_conn and setting it as true in virtiofs. When use_pages_for_kvec_io is enabled, fuse will use pages instead of pointer to pass the KVEC_IO data. After switching to pages for KVEC_IO data, these pages will be used for DMA through virtio-fs. If these pages are backed by vmalloc(), {flush|invalidate}_kernel_vmap_range() are necessary to flush or invalidate the cache before the DMA operation. So add two new fields in fuse_args_pages to record the base address of vmalloc area and the condition indicating whether invalidation is needed. Perform the flush in fuse_get_user_pages() for write operations and the invalidation in fuse_release_user_pages() for read operations. It may seem necessary to introduce another fie ---truncated---(CVE-2024-53219)\n\nIn the Linux kernel, the following vulnerability has been resolved: f2fs: fix null-ptr-deref in f2fs_submit_page_bio() There's issue as follows when concurrently installing the f2fs.ko module and mounting the f2fs file system: KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027] RIP: 0010:__bio_alloc+0x2fb/0x6c0 [f2fs] Call Trace: f2fs_submit_page_bio+0x126/0x8b0 [f2fs] __get_meta_page+0x1d4/0x920 [f2fs] get_checkpoint_version.constprop.0+0x2b/0x3c0 [f2fs] validate_checkpoint+0xac/0x290 [f2fs] f2fs_get_valid_checkpoint+0x207/0x950 [f2fs] f2fs_fill_super+0x1007/0x39b0 [f2fs] mount_bdev+0x183/0x250 legacy_get_tree+0xf4/0x1e0 vfs_get_tree+0x88/0x340 do_new_mount+0x283/0x5e0 path_mount+0x2b2/0x15b0 __x64_sys_mount+0x1fe/0x270 do_syscall_64+0x5f/0x170 entry_SYSCALL_64_after_hwframe+0x76/0x7e Above issue happens as the biset of the f2fs file system is not initialized before register \"f2fs_fs_type\". To address above issue just register \"f2fs_fs_type\" at the last in init_f2fs_fs(). Ensure that all f2fs file system resources are initialized.(CVE-2024-53221)\n\nIn the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Move events notifier registration to be after device registration Move pkey change work initialization and cleanup from device resources stage to notifier stage, since this is the stage which handles this work events. Fix a race between the device deregistration and pkey change work by moving MLX5_IB_STAGE_DEVICE_NOTIFIER to be after MLX5_IB_STAGE_IB_REG in order to ensure that the notifier is deregistered before the device during cleanup. Which ensures there are no works that are being executed after the device has already unregistered which can cause the panic below. BUG: kernel NULL pointer dereference, address: 0000000000000000 PGD 0 P4D 0 Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 630071 Comm: kworker/1:2 Kdump: loaded Tainted: G W OE --------- --- 5.14.0-162.6.1.el9_1.x86_64 #1 Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090008 02/27/2023 Workqueue: events pkey_change_handler [mlx5_ib] RIP: 0010:setup_qp+0x38/0x1f0 [mlx5_ib] Code: ee 41 54 45 31 e4 55 89 f5 53 48 89 fb 48 83 ec 20 8b 77 08 65 48 8b 04 25 28 00 00 00 48 89 44 24 18 48 8b 07 48 8d 4c 24 16 <4c> 8b 38 49 8b 87 80 0b 00 00 4c 89 ff 48 8b 80 08 05 00 00 8b 40 RSP: 0018:ffffbcc54068be20 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff954054494128 RCX: ffffbcc54068be36 RDX: ffff954004934000 RSI: 0000000000000001 RDI: ffff954054494128 RBP: 0000000000000023 R08: ffff954001be2c20 R09: 0000000000000001 R10: ffff954001be2c20 R11: ffff9540260133c0 R12: 0000000000000000 R13: 0000000000000023 R14: 0000000000000000 R15: ffff9540ffcb0905 FS: 0000000000000000(0000) GS:ffff9540ffc80000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000000 CR3: 000000010625c001 CR4: 00000000003706e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: mlx5_ib_gsi_pkey_change+0x20/0x40 [mlx5_ib] process_one_work+0x1e8/0x3c0 worker_thread+0x50/0x3b0 ? rescuer_thread+0x380/0x380 kthread+0x149/0x170 ? set_kthread_struct+0x50/0x50 ret_from_fork+0x22/0x30 Modules linked in: rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) mlx5_fwctl(OE) fwctl(OE) ib_uverbs(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlx_compat(OE) psample mlxfw(OE) tls knem(OE) netconsole nfsv3 nfs_acl nfs lockd grace fscache netfs qrtr rfkill sunrpc intel_rapl_msr intel_rapl_common rapl hv_balloon hv_utils i2c_piix4 pcspkr joydev fuse ext4 mbcache jbd2 sr_mod sd_mod cdrom t10_pi sg ata_generic pci_hyperv pci_hyperv_intf hyperv_drm drm_shmem_helper drm_kms_helper hv_storvsc syscopyarea hv_netvsc sysfillrect sysimgblt hid_hyperv fb_sys_fops scsi_transport_fc hyperv_keyboard drm ata_piix crct10dif_pclmul crc32_pclmul crc32c_intel libata ghash_clmulni_intel hv_vmbus serio_raw [last unloaded: ib_core] CR2: 0000000000000000 ---[ end trace f6f8be4eae12f7bc ]---(CVE-2024-53224)\n\nIn the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfad_im_module_exit() BUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dump_stack_lvl+0x95/0xe0 print_report+0xcb/0x620 kasan_report+0xbd/0xf0 __lock_acquire+0x2aca/0x3a20 lock_acquire+0x19b/0x520 _raw_spin_lock+0x2b/0x40 attribute_container_unregister+0x30/0x160 fc_release_transport+0x19/0x90 [scsi_transport_fc] bfad_im_module_exit+0x23/0x60 [bfa] bfad_init+0xdb/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Allocated by task 25303: kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 __kasan_kmalloc+0x7f/0x90 fc_attach_transport+0x4f/0x4740 [scsi_transport_fc] bfad_im_module_init+0x17/0x80 [bfa] bfad_init+0x23/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Freed by task 25303: kasan_save_stack+0x24/0x50 kasan_save_track+0x14/0x30 kasan_save_free_info+0x3b/0x60 __kasan_slab_free+0x38/0x50 kfree+0x212/0x480 bfad_im_module_init+0x7e/0x80 [bfa] bfad_init+0x23/0xff0 [bfa] do_one_initcall+0xdc/0x550 do_init_module+0x22d/0x6b0 load_module+0x4e96/0x5ff0 init_module_from_file+0xcd/0x130 idempotent_init_module+0x330/0x620 __x64_sys_finit_module+0xb3/0x110 do_syscall_64+0xc1/0x1d0 entry_SYSCALL_64_after_hwframe+0x77/0x7f Above issue happens as follows: bfad_init error = bfad_im_module_init() fc_release_transport(bfad_im_scsi_transport_template); if (error) goto ext; ext: bfad_im_module_exit(); fc_release_transport(bfad_im_scsi_transport_template); --> Trigger double release Don't call bfad_im_module_exit() if bfad_im_module_init() failed.(CVE-2024-53227)\n\nIn the Linux kernel, the following vulnerability has been resolved: drm: zynqmp_kms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an error without further calls into this driver's internals.(CVE-2024-56538)\n\nIn the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times Devices block sizes may change. One of these cases is a loop device by using ioctl LOOP_SET_BLOCK_SIZE. While this may cause other issues like IO being rejected, in the case of hfsplus, it will allocate a block by using that size and potentially write out-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the latter function reads a different io_size. Using a new min_io_size initally set to sb_min_blocksize works for the purposes of the original fix, since it will be set to the max between HFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the max between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not initialized. Tested by mounting an hfsplus filesystem with loop block sizes 512, 1024 and 4096. The produced KASAN report before the fix looks like this: [ 419.944641] ================================================================== [ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a [ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678 [ 419.947612] [ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84 [ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 [ 419.950035] Call Trace: [ 419.950384] [ 419.950676] dump_stack_lvl+0x57/0x78 [ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.951830] print_report+0x14c/0x49e [ 419.952361] ? __virt_addr_valid+0x267/0x278 [ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d [ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.954231] kasan_report+0x89/0xb0 [ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a [ 419.955367] hfsplus_read_wrapper+0x659/0xa0a [ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10 [ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9 [ 419.957214] ? _raw_spin_unlock+0x1a/0x2e [ 419.957772] hfsplus_fill_super+0x348/0x1590 [ 419.958355] ? hlock_class+0x4c/0x109 [ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 419.959499] ? __pfx_string+0x10/0x10 [ 419.960006] ? lock_acquire+0x3e2/0x454 [ 419.960532] ? bdev_name.constprop.0+0xce/0x243 [ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10 [ 419.961799] ? pointer+0x3f0/0x62f [ 419.962277] ? __pfx_pointer+0x10/0x10 [ 419.962761] ? vsnprintf+0x6c4/0xfba [ 419.963178] ? __pfx_vsnprintf+0x10/0x10 [ 419.963621] ? setup_bdev_super+0x376/0x3b3 [ 419.964029] ? snprintf+0x9d/0xd2 [ 419.964344] ? __pfx_snprintf+0x10/0x10 [ 419.964675] ? lock_acquired+0x45c/0x5e9 [ 419.965016] ? set_blocksize+0x139/0x1c1 [ 419.965381] ? sb_set_blocksize+0x6d/0xae [ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10 [ 419.966179] mount_bdev+0x12f/0x1bf [ 419.966512] ? __pfx_mount_bdev+0x10/0x10 [ 419.966886] ? vfs_parse_fs_string+0xce/0x111 [ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10 [ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10 [ 419.968073] legacy_get_tree+0x104/0x178 [ 419.968414] vfs_get_tree+0x86/0x296 [ 419.968751] path_mount+0xba3/0xd0b [ 419.969157] ? __pfx_path_mount+0x10/0x10 [ 419.969594] ? kmem_cache_free+0x1e2/0x260 [ 419.970311] do_mount+0x99/0xe0 [ 419.970630] ? __pfx_do_mount+0x10/0x10 [ 419.971008] __do_sys_mount+0x199/0x1c9 [ 419.971397] do_syscall_64+0xd0/0x135 [ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e [ 419.972233] RIP: 0033:0x7c3cb812972e [ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48 [ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5 [ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e [ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI: ---truncated---(CVE-2024-56548)\n\nIn the Linux kernel, the following vulnerability has been resolved: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() if (dev->boardinfo && dev->boardinfo->init_dyn_addr) ^^^ here check \"init_dyn_addr\" i3c_bus_set_addr_slot_status(&master->bus, dev->info.dyn_addr, ...) ^^^^ free \"dyn_addr\" Fix copy/paste error \"dyn_addr\" by replacing it with \"init_dyn_addr\".(CVE-2024-56562)\n\nIn the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stack_trace_filter When executing the following command: # echo \"write*:mod:ext3\" > /sys/kernel/tracing/stack_trace_filter The current mod command causes a null pointer dereference. While commit 0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\") has addressed part of the issue, it left a corner case unhandled, which still results in a kernel crash.(CVE-2024-56569)\n\nIn the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovl_dentry_weird() function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause errors in overlayfs when passed to the lowerstack.(CVE-2024-56570)\n\nIn the Linux kernel, the following vulnerability has been resolved: media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() The buffer in the loop should be released under the exception path, otherwise there may be a memory leak here. To mitigate this, free the buffer when allegro_alloc_buffer fails.(CVE-2024-56572)\n\nIn the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfs_ref_tree_mod() after we successfully inserted the new ref entry (local variable 'ref') into the respective block entry's rbtree (local variable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF, we error out and free the ref entry without removing it from the block entry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call btrfs_free_ref_cache(), which iterates over all block entries and then calls free_block_entry() for each one, and there we will trigger a use-after-free when we are called against the block entry to which we added the freed ref entry to its rbtree, since the rbtree still points to the block entry, as we didn't remove it from the rbtree before freeing it in the error path at btrfs_ref_tree_mod(). Fix this by removing the new ref entry from the rbtree before freeing it. Syzbot report this with the following stack traces: BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615 __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523 update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314 btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline] btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23 btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482 btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293 vfs_unlink+0x365/0x650 fs/namei.c:4469 do_unlinkat+0x4ae/0x830 fs/namei.c:4533 __do_sys_unlinkat fs/namei.c:4576 [inline] __se_sys_unlinkat fs/namei.c:4569 [inline] __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f BTRFS error (device loop0 state EA): Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1 __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521 update_ref_for_cow+0x96a/0x11f0 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411 __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030 btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline] __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137 __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171 btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313 prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586 relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611 btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081 btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377 __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161 btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538 BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615 __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523 update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512 btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594 btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754 btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116 btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411 __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030 btrfs_update_delayed_i ---truncated---(CVE-2024-56581)\n\nIn the Linux kernel, the following vulnerability has been resolved: sched/deadline: Fix warning in migrate_enable for boosted tasks When running the following command: while true; do stress-ng --cyclic 30 --timeout 30s --minimize --quiet done a warning is eventually triggered: WARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794 setup_new_dl_entity+0x13e/0x180 ... Call Trace: ? show_trace_log_lvl+0x1c4/0x2df ? enqueue_dl_entity+0x631/0x6e0 ? setup_new_dl_entity+0x13e/0x180 ? __warn+0x7e/0xd0 ? report_bug+0x11a/0x1a0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x14/0x70 ? asm_exc_invalid_op+0x16/0x20 enqueue_dl_entity+0x631/0x6e0 enqueue_task_dl+0x7d/0x120 __do_set_cpus_allowed+0xe3/0x280 __set_cpus_allowed_ptr_locked+0x140/0x1d0 __set_cpus_allowed_ptr+0x54/0xa0 migrate_enable+0x7e/0x150 rt_spin_unlock+0x1c/0x90 group_send_sig_info+0xf7/0x1a0 ? kill_pid_info+0x1f/0x1d0 kill_pid_info+0x78/0x1d0 kill_proc_info+0x5b/0x110 __x64_sys_kill+0x93/0xc0 do_syscall_64+0x5c/0xf0 entry_SYSCALL_64_after_hwframe+0x6e/0x76 RIP: 0033:0x7f0dab31f92b This warning occurs because set_cpus_allowed dequeues and enqueues tasks with the ENQUEUE_RESTORE flag set. If the task is boosted, the warning is triggered. A boosted task already had its parameters set by rt_mutex_setprio, and a new call to setup_new_dl_entity is unnecessary, hence the WARN_ON call. Check if we are requeueing a boosted task and avoid calling setup_new_dl_entity if that's the case.(CVE-2024-56583)\n\nIn the Linux kernel, the following vulnerability has been resolved: io_uring/tctx: work around xa_store() allocation error issue syzbot triggered the following WARN_ON: WARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51 which is the WARN_ON_ONCE(!xa_empty(&tctx->xa)); sanity check in __io_uring_free() when a io_uring_task is going through its final put. The syzbot test case includes injecting memory allocation failures, and it very much looks like xa_store() can fail one of its memory allocations and end up with ->head being non-NULL even though no entries exist in the xarray. Until this issue gets sorted out, work around it by attempting to iterate entries in our xarray, and WARN_ON_ONCE() if one is found.(CVE-2024-56584)\n\nIn the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. creating a large files during checkpoint disable until it runs out of space and then delete it, then remount to enable checkpoint again, and then unmount the filesystem triggers the f2fs_bug_on as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/inode.c:896! CPU: 2 UID: 0 PID: 1286 Comm: umount Not tainted 6.11.0-rc7-dirty #360 Oops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI RIP: 0010:f2fs_evict_inode+0x58c/0x610 Call Trace: __die_body+0x15/0x60 die+0x33/0x50 do_trap+0x10a/0x120 f2fs_evict_inode+0x58c/0x610 do_error_trap+0x60/0x80 f2fs_evict_inode+0x58c/0x610 exc_invalid_op+0x53/0x60 f2fs_evict_inode+0x58c/0x610 asm_exc_invalid_op+0x16/0x20 f2fs_evict_inode+0x58c/0x610 evict+0x101/0x260 dispose_list+0x30/0x50 evict_inodes+0x140/0x190 generic_shutdown_super+0x2f/0x150 kill_block_super+0x11/0x40 kill_f2fs_super+0x7d/0x140 deactivate_locked_super+0x2a/0x70 cleanup_mnt+0xb3/0x140 task_work_run+0x61/0x90 The root cause is: creating large files during disable checkpoint period results in not enough free segments, so when writing back root inode will failed in f2fs_enable_checkpoint. When umount the file system after enabling checkpoint, the root inode is dirty in f2fs_evict_inode function, which triggers BUG_ON. The steps to reproduce are as follows: dd if=/dev/zero of=f2fs.img bs=1M count=55 mount f2fs.img f2fs_dir -o checkpoint=disable:10% dd if=/dev/zero of=big bs=1M count=50 sync rm big mount -o remount,checkpoint=enable f2fs_dir umount f2fs_dir Let's redirty inode when there is not free segments during checkpoint is disable.(CVE-2024-56586)\n\nIn the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Add cond_resched() for no forced preemption model For no forced preemption model kernel, in the scenario where the expander is connected to 12 high performance SAS SSDs, the following call trace may occur: [ 214.409199][ C240] watchdog: BUG: soft lockup - CPU#240 stuck for 22s! [irq/149-hisi_sa:3211] [ 214.568533][ C240] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--) [ 214.575224][ C240] pc : fput_many+0x8c/0xdc [ 214.579480][ C240] lr : fput+0x1c/0xf0 [ 214.583302][ C240] sp : ffff80002de2b900 [ 214.587298][ C240] x29: ffff80002de2b900 x28: ffff1082aa412000 [ 214.593291][ C240] x27: ffff3062a0348c08 x26: ffff80003a9f6000 [ 214.599284][ C240] x25: ffff1062bbac5c40 x24: 0000000000001000 [ 214.605277][ C240] x23: 000000000000000a x22: 0000000000000001 [ 214.611270][ C240] x21: 0000000000001000 x20: 0000000000000000 [ 214.617262][ C240] x19: ffff3062a41ae580 x18: 0000000000010000 [ 214.623255][ C240] x17: 0000000000000001 x16: ffffdb3a6efe5fc0 [ 214.629248][ C240] x15: ffffffffffffffff x14: 0000000003ffffff [ 214.635241][ C240] x13: 000000000000ffff x12: 000000000000029c [ 214.641234][ C240] x11: 0000000000000006 x10: ffff80003a9f7fd0 [ 214.647226][ C240] x9 : ffffdb3a6f0482fc x8 : 0000000000000001 [ 214.653219][ C240] x7 : 0000000000000002 x6 : 0000000000000080 [ 214.659212][ C240] x5 : ffff55480ee9b000 x4 : fffffde7f94c6554 [ 214.665205][ C240] x3 : 0000000000000002 x2 : 0000000000000020 [ 214.671198][ C240] x1 : 0000000000000021 x0 : ffff3062a41ae5b8 [ 214.677191][ C240] Call trace: [ 214.680320][ C240] fput_many+0x8c/0xdc [ 214.684230][ C240] fput+0x1c/0xf0 [ 214.687707][ C240] aio_complete_rw+0xd8/0x1fc [ 214.692225][ C240] blkdev_bio_end_io+0x98/0x140 [ 214.696917][ C240] bio_endio+0x160/0x1bc [ 214.701001][ C240] blk_update_request+0x1c8/0x3bc [ 214.705867][ C240] scsi_end_request+0x3c/0x1f0 [ 214.710471][ C240] scsi_io_completion+0x7c/0x1a0 [ 214.715249][ C240] scsi_finish_command+0x104/0x140 [ 214.720200][ C240] scsi_softirq_done+0x90/0x180 [ 214.724892][ C240] blk_mq_complete_request+0x5c/0x70 [ 214.730016][ C240] scsi_mq_done+0x48/0xac [ 214.734194][ C240] sas_scsi_task_done+0xbc/0x16c [libsas] [ 214.739758][ C240] slot_complete_v3_hw+0x260/0x760 [hisi_sas_v3_hw] [ 214.746185][ C240] cq_thread_v3_hw+0xbc/0x190 [hisi_sas_v3_hw] [ 214.752179][ C240] irq_thread_fn+0x34/0xa4 [ 214.756435][ C240] irq_thread+0xc4/0x130 [ 214.760520][ C240] kthread+0x108/0x13c [ 214.764430][ C240] ret_from_fork+0x10/0x18 This is because in the hisi_sas driver, both the hardware interrupt handler and the interrupt thread are executed on the same CPU. In the performance test scenario, function irq_wait_for_interrupt() will always return 0 if lots of interrupts occurs and the CPU will be continuously consumed. As a result, the CPU cannot run the watchdog thread. When the watchdog time exceeds the specified time, call trace occurs. To fix it, add cond_resched() to execute the watchdog thread.(CVE-2024-56589)\n\nIn the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: set the right AMDGPU sg segment limitation The driver needs to set the correct max_segment_size; otherwise debug_dma_map_sg() will complain about the over-mapping of the AMDGPU sg length as following: WARNING: CPU: 6 PID: 1964 at kernel/dma/debug.c:1178 debug_dma_map_sg+0x2dc/0x370 [ 364.049444] Modules linked in: veth amdgpu(OE) amdxcp drm_exec gpu_sched drm_buddy drm_ttm_helper ttm(OE) drm_suballoc_helper drm_display_helper drm_kms_helper i2c_algo_bit rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace netfs xt_conntrack xt_MASQUERADE nf_conntrack_netlink xfrm_user xfrm_algo iptable_nat xt_addrtype iptable_filter br_netfilter nvme_fabrics overlay nfnetlink_cttimeout nfnetlink openvswitch nsh nf_conncount nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bridge stp llc amd_atl intel_rapl_msr intel_rapl_common sunrpc sch_fq_codel snd_hda_codec_realtek snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg edac_mce_amd binfmt_misc snd_hda_codec snd_pci_acp6x snd_hda_core snd_acp_config snd_hwdep snd_soc_acpi kvm_amd snd_pcm kvm snd_seq_midi snd_seq_midi_event crct10dif_pclmul ghash_clmulni_intel sha512_ssse3 snd_rawmidi sha256_ssse3 sha1_ssse3 aesni_intel snd_seq nls_iso8859_1 crypto_simd snd_seq_device cryptd snd_timer rapl input_leds snd [ 364.049532] ipmi_devintf wmi_bmof ccp serio_raw k10temp sp5100_tco soundcore ipmi_msghandler cm32181 industrialio mac_hid msr parport_pc ppdev lp parport drm efi_pstore ip_tables x_tables pci_stub crc32_pclmul nvme ahci libahci i2c_piix4 r8169 nvme_core i2c_designware_pci realtek i2c_ccgx_ucsi video wmi hid_generic cdc_ether usbnet usbhid hid r8152 mii [ 364.049576] CPU: 6 PID: 1964 Comm: rocminfo Tainted: G OE 6.10.0-custom #492 [ 364.049579] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS RMJ1009A 06/13/2021 [ 364.049582] RIP: 0010:debug_dma_map_sg+0x2dc/0x370 [ 364.049585] Code: 89 4d b8 e8 36 b1 86 00 8b 4d b8 48 8b 55 b0 44 8b 45 a8 4c 8b 4d a0 48 89 c6 48 c7 c7 00 4b 74 bc 4c 89 4d b8 e8 b4 73 f3 ff <0f> 0b 4c 8b 4d b8 8b 15 c8 2c b8 01 85 d2 0f 85 ee fd ff ff 8b 05 [ 364.049588] RSP: 0018:ffff9ca600b57ac0 EFLAGS: 00010286 [ 364.049590] RAX: 0000000000000000 RBX: ffff88b7c132b0c8 RCX: 0000000000000027 [ 364.049592] RDX: ffff88bb0f521688 RSI: 0000000000000001 RDI: ffff88bb0f521680 [ 364.049594] RBP: ffff9ca600b57b20 R08: 000000000000006f R09: ffff9ca600b57930 [ 364.049596] R10: ffff9ca600b57928 R11: ffffffffbcb46328 R12: 0000000000000000 [ 364.049597] R13: 0000000000000001 R14: ffff88b7c19c0700 R15: ffff88b7c9059800 [ 364.049599] FS: 00007fb2d3516e80(0000) GS:ffff88bb0f500000(0000) knlGS:0000000000000000 [ 364.049601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 364.049603] CR2: 000055610bd03598 CR3: 00000001049f6000 CR4: 0000000000350ef0 [ 364.049605] Call Trace: [ 364.049607] [ 364.049609] ? show_regs+0x6d/0x80 [ 364.049614] ? __warn+0x8c/0x140 [ 364.049618] ? debug_dma_map_sg+0x2dc/0x370 [ 364.049621] ? report_bug+0x193/0x1a0 [ 364.049627] ? handle_bug+0x46/0x80 [ 364.049631] ? exc_invalid_op+0x1d/0x80 [ 364.049635] ? asm_exc_invalid_op+0x1f/0x30 [ 364.049642] ? debug_dma_map_sg+0x2dc/0x370 [ 364.049647] __dma_map_sg_attrs+0x90/0xe0 [ 364.049651] dma_map_sgtable+0x25/0x40 [ 364.049654] amdgpu_bo_move+0x59a/0x850 [amdgpu] [ 364.049935] ? srso_return_thunk+0x5/0x5f [ 364.049939] ? amdgpu_ttm_tt_populate+0x5d/0xc0 [amdgpu] [ 364.050095] ttm_bo_handle_move_mem+0xc3/0x180 [ttm] [ 364.050103] ttm_bo_validate+0xc1/0x160 [ttm] [ 364.050108] ? amdgpu_ttm_tt_get_user_pages+0xe5/0x1b0 [amdgpu] [ 364.050263] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0xa12/0xc90 [amdgpu] [ 364.050473] kfd_ioctl_alloc_memory_of_gpu+0x16b/0x3b0 [amdgpu] [ 364.050680] kfd_ioctl+0x3c2/0x530 [amdgpu] [ 364.050866] ? __pfx_kfd_ioctl_alloc_memory_of_gpu+0x10/0x10 [amdgpu] [ 364.05105 ---truncated---(CVE-2024-56594)\n\nIn the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir The stbl might contain some invalid values. Added a check to return error code in that case.(CVE-2024-56596)\n\nIn the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can be sometimes out of bounds due to a bad filesystem. Added a check with appopriate return of error code in that case.(CVE-2024-56598)\n\nIn the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() bt_sock_alloc() attaches allocated sk object to the provided sock object. If rfcomm_dlc_alloc() fails, we release the sk object, but leave the dangling pointer in the sock object, which may cause use-after-free. Fix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().(CVE-2024-56604)\n\nIn the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() bt_sock_alloc() allocates the sk object and attaches it to the provided sock object. On error l2cap_sock_alloc() frees the sk object, but the dangling pointer is still attached to the sock object, which may create use-after-free in other code.(CVE-2024-56605)\n\nIn the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An issue was identified in the dcn21_link_encoder_create function where an out-of-bounds access could occur when the hpd_source index was used to reference the link_enc_hpd_regs array. This array has a fixed size and the index was not being checked against the array's bounds before accessing it. This fix adds a conditional check to ensure that the hpd_source index is within the valid range of the link_enc_hpd_regs array. If the index is out of bounds, the function now returns NULL to prevent undefined behavior. References: [ 65.920507] ------------[ cut here ]------------ [ 65.920510] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn21/dcn21_resource.c:1312:29 [ 65.920519] index 7 is out of range for type 'dcn10_link_enc_hpd_registers [5]' [ 65.920523] CPU: 3 PID: 1178 Comm: modprobe Tainted: G OE 6.8.0-cleanershaderfeatureresetasdntipmi200nv2132 #13 [ 65.920525] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS WMJ0429N_Weekly_20_04_2 04/29/2020 [ 65.920527] Call Trace: [ 65.920529] [ 65.920532] dump_stack_lvl+0x48/0x70 [ 65.920541] dump_stack+0x10/0x20 [ 65.920543] __ubsan_handle_out_of_bounds+0xa2/0xe0 [ 65.920549] dcn21_link_encoder_create+0xd9/0x140 [amdgpu] [ 65.921009] link_create+0x6d3/0xed0 [amdgpu] [ 65.921355] create_links+0x18a/0x4e0 [amdgpu] [ 65.921679] dc_create+0x360/0x720 [amdgpu] [ 65.921999] ? dmi_matches+0xa0/0x220 [ 65.922004] amdgpu_dm_init+0x2b6/0x2c90 [amdgpu] [ 65.922342] ? console_unlock+0x77/0x120 [ 65.922348] ? dev_printk_emit+0x86/0xb0 [ 65.922354] dm_hw_init+0x15/0x40 [amdgpu] [ 65.922686] amdgpu_device_init+0x26a8/0x33a0 [amdgpu] [ 65.922921] amdgpu_driver_load_kms+0x1b/0xa0 [amdgpu] [ 65.923087] amdgpu_pci_probe+0x1b7/0x630 [amdgpu] [ 65.923087] local_pci_probe+0x4b/0xb0 [ 65.923087] pci_device_probe+0xc8/0x280 [ 65.923087] really_probe+0x187/0x300 [ 65.923087] __driver_probe_device+0x85/0x130 [ 65.923087] driver_probe_device+0x24/0x110 [ 65.923087] __driver_attach+0xac/0x1d0 [ 65.923087] ? __pfx___driver_attach+0x10/0x10 [ 65.923087] bus_for_each_dev+0x7d/0xd0 [ 65.923087] driver_attach+0x1e/0x30 [ 65.923087] bus_add_driver+0xf2/0x200 [ 65.923087] driver_register+0x64/0x130 [ 65.923087] ? __pfx_amdgpu_init+0x10/0x10 [amdgpu] [ 65.923087] __pci_register_driver+0x61/0x70 [ 65.923087] amdgpu_init+0x7d/0xff0 [amdgpu] [ 65.923087] do_one_initcall+0x49/0x310 [ 65.923087] ? kmalloc_trace+0x136/0x360 [ 65.923087] do_init_module+0x6a/0x270 [ 65.923087] load_module+0x1fce/0x23a0 [ 65.923087] init_module_from_file+0x9c/0xe0 [ 65.923087] ? init_module_from_file+0x9c/0xe0 [ 65.923087] idempotent_init_module+0x179/0x230 [ 65.923087] __x64_sys_finit_module+0x5d/0xa0 [ 65.923087] do_syscall_64+0x76/0x120 [ 65.923087] entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ 65.923087] RIP: 0033:0x7f2d80f1e88d [ 65.923087] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 b5 0f 00 f7 d8 64 89 01 48 [ 65.923087] RSP: 002b:00007ffc7bc1aa78 EFLAGS: 00000246 ORIG_RAX: 0000000000000139 [ 65.923087] RAX: ffffffffffffffda RBX: 0000564c9c1db130 RCX: 00007f2d80f1e88d [ 65.923087] RDX: 0000000000000000 RSI: 0000564c9c1e5480 RDI: 000000000000000f [ 65.923087] RBP: 0000000000040000 R08: 0000000000000000 R09: 0000000000000002 [ 65.923087] R10: 000000000000000f R11: 0000000000000246 R12: 0000564c9c1e5480 [ 65.923087] R13: 0000564c9c1db260 R14: 0000000000000000 R15: 0000564c9c1e54b0 [ 65.923087] [ 65.923927] ---[ end trace ]---(CVE-2024-56608)\n\nIn the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as changing the type from int to u32, however, when compared to XSKMAP case, one more thing needs to be addressed. When map is released from system via dev_map_free(), we iterate through all of the entries and an iterator variable is also an int, which implies OOB accesses. Again, change it to be u32. Example splat below: [ 160.724676] BUG: unable to handle page fault for address: ffffc8fc2c001000 [ 160.731662] #PF: supervisor read access in kernel mode [ 160.736876] #PF: error_code(0x0000) - not-present page [ 160.742095] PGD 0 P4D 0 [ 160.744678] Oops: Oops: 0000 [#1] PREEMPT SMP [ 160.749106] CPU: 1 UID: 0 PID: 520 Comm: kworker/u145:12 Not tainted 6.12.0-rc1+ #487 [ 160.757050] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019 [ 160.767642] Workqueue: events_unbound bpf_map_free_deferred [ 160.773308] RIP: 0010:dev_map_free+0x77/0x170 [ 160.777735] Code: 00 e8 fd 91 ed ff e8 b8 73 ed ff 41 83 7d 18 19 74 6e 41 8b 45 24 49 8b bd f8 00 00 00 31 db 85 c0 74 48 48 63 c3 48 8d 04 c7 <48> 8b 28 48 85 ed 74 30 48 8b 7d 18 48 85 ff 74 05 e8 b3 52 fa ff [ 160.796777] RSP: 0018:ffffc9000ee1fe38 EFLAGS: 00010202 [ 160.802086] RAX: ffffc8fc2c001000 RBX: 0000000080000000 RCX: 0000000000000024 [ 160.809331] RDX: 0000000000000000 RSI: 0000000000000024 RDI: ffffc9002c001000 [ 160.816576] RBP: 0000000000000000 R08: 0000000000000023 R09: 0000000000000001 [ 160.823823] R10: 0000000000000001 R11: 00000000000ee6b2 R12: dead000000000122 [ 160.831066] R13: ffff88810c928e00 R14: ffff8881002df405 R15: 0000000000000000 [ 160.838310] FS: 0000000000000000(0000) GS:ffff8897e0c40000(0000) knlGS:0000000000000000 [ 160.846528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 160.852357] CR2: ffffc8fc2c001000 CR3: 0000000005c32006 CR4: 00000000007726f0 [ 160.859604] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 160.866847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 160.874092] PKRU: 55555554 [ 160.876847] Call Trace: [ 160.879338] [ 160.881477] ? __die+0x20/0x60 [ 160.884586] ? page_fault_oops+0x15a/0x450 [ 160.888746] ? search_extable+0x22/0x30 [ 160.892647] ? search_bpf_extables+0x5f/0x80 [ 160.896988] ? exc_page_fault+0xa9/0x140 [ 160.900973] ? asm_exc_page_fault+0x22/0x30 [ 160.905232] ? dev_map_free+0x77/0x170 [ 160.909043] ? dev_map_free+0x58/0x170 [ 160.912857] bpf_map_free_deferred+0x51/0x90 [ 160.917196] process_one_work+0x142/0x370 [ 160.921272] worker_thread+0x29e/0x3b0 [ 160.925082] ? rescuer_thread+0x4b0/0x4b0 [ 160.929157] kthread+0xd4/0x110 [ 160.932355] ? kthread_park+0x80/0x80 [ 160.936079] ret_from_fork+0x2d/0x50 [ 160.943396] ? kthread_park+0x80/0x80 [ 160.950803] ret_from_fork_asm+0x11/0x20 [ 160.958482] (CVE-2024-56615)\n\nIn the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access outside the folio/page range may occur, or a use-after-free bug may be detected if KASAN is enabled. This is because nilfs_last_byte(), which is called by nilfs_find_entry() and others to calculate the number of valid bytes of directory data in a page from i_size and the page index, loses the upper 32 bits of the 64-bit size information due to an inappropriate type of local variable to which the i_size value is assigned. This caused a large byte offset value due to underflow in the end address calculation in the calling nilfs_find_entry(), resulting in memory access that exceeds the folio/page size. Fix this issue by changing the type of the local variable causing the bit loss from \"unsigned int\" to \"u64\". The return value of nilfs_last_byte() is also of type \"unsigned int\", but it is truncated so as not to exceed PAGE_SIZE and no bit loss occurs, so no change is required.(CVE-2024-56619)\n\nIn the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read An offset from client could be a negative value, It could lead to an out-of-bounds read from the stream_buf. Note that this issue is coming when setting 'vfs objects = streams_xattr parameter' in ksmbd.conf.(CVE-2024-56627)\n\nIn the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix when get product name maybe null pointer Due to incorrect dev->product reporting by certain devices, null pointer dereferences occur when dev->product is empty, leading to potential system crashes. This issue was found on EXCELSIOR DL37-D05 device with Loongson-LS3A6000-7A2000-DL37 motherboard. Kernel logs: [ 56.470885] usb 4-3: new full-speed USB device number 4 using ohci-pci [ 56.671638] usb 4-3: string descriptor 0 read error: -22 [ 56.671644] usb 4-3: New USB device found, idVendor=056a, idProduct=0374, bcdDevice= 1.07 [ 56.671647] usb 4-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.678839] hid-generic 0003:056A:0374.0004: hiddev0,hidraw3: USB HID v1.10 Device [HID 056a:0374] on usb-0000:00:05.0-3/input0 [ 56.697719] CPU 2 Unable to handle kernel paging request at virtual address 0000000000000000, era == 90000000066e35c8, ra == ffff800004f98a80 [ 56.697732] Oops[#1]: [ 56.697734] CPU: 2 PID: 2742 Comm: (udev-worker) Tainted: G OE 6.6.0-loong64-desktop #25.00.2000.015 [ 56.697737] Hardware name: Inspur CE520L2/C09901N000000000, BIOS 2.09.00 10/11/2024 [ 56.697739] pc 90000000066e35c8 ra ffff800004f98a80 tp 9000000125478000 sp 900000012547b8a0 [ 56.697741] a0 0000000000000000 a1 ffff800004818b28 a2 0000000000000000 a3 0000000000000000 [ 56.697743] a4 900000012547b8f0 a5 0000000000000000 a6 0000000000000000 a7 0000000000000000 [ 56.697745] t0 ffff800004818b2d t1 0000000000000000 t2 0000000000000003 t3 0000000000000005 [ 56.697747] t4 0000000000000000 t5 0000000000000000 t6 0000000000000000 t7 0000000000000000 [ 56.697748] t8 0000000000000000 u0 0000000000000000 s9 0000000000000000 s0 900000011aa48028 [ 56.697750] s1 0000000000000000 s2 0000000000000000 s3 ffff800004818e80 s4 ffff800004810000 [ 56.697751] s5 90000001000b98d0 s6 ffff800004811f88 s7 ffff800005470440 s8 0000000000000000 [ 56.697753] ra: ffff800004f98a80 wacom_update_name+0xe0/0x300 [wacom] [ 56.697802] ERA: 90000000066e35c8 strstr+0x28/0x120 [ 56.697806] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 56.697816] PRMD: 0000000c (PPLV0 +PIE +PWE) [ 56.697821] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 56.697827] ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7) [ 56.697831] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) [ 56.697835] BADV: 0000000000000000 [ 56.697836] PRID: 0014d000 (Loongson-64bit, Loongson-3A6000) [ 56.697838] Modules linked in: wacom(+) bnep bluetooth rfkill qrtr nls_iso8859_1 nls_cp437 snd_hda_codec_conexant snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore input_leds mousedev led_class joydev deepin_netmonitor(OE) fuse nfnetlink dmi_sysfs ip_tables x_tables overlay amdgpu amdxcp drm_exec gpu_sched drm_buddy radeon drm_suballoc_helper i2c_algo_bit drm_ttm_helper r8169 ttm drm_display_helper spi_loongson_pci xhci_pci cec xhci_pci_renesas spi_loongson_core hid_generic realtek gpio_loongson_64bit [ 56.697887] Process (udev-worker) (pid: 2742, threadinfo=00000000aee0d8b4, task=00000000a9eff1f3) [ 56.697890] Stack : 0000000000000000 ffff800004817e00 0000000000000000 0000251c00000000 [ 56.697896] 0000000000000000 00000011fffffffd 0000000000000000 0000000000000000 [ 56.697901] 0000000000000000 1b67a968695184b9 0000000000000000 90000001000b98d0 [ 56.697906] 90000001000bb8d0 900000011aa48028 0000000000000000 ffff800004f9d74c [ 56.697911] 90000001000ba000 ffff800004f9ce58 0000000000000000 ffff800005470440 [ 56.697916] ffff800004811f88 90000001000b98d0 9000000100da2aa8 90000001000bb8d0 [ 56.697921] 0000000000000000 90000001000ba000 900000011aa48028 ffff800004f9d74c [ 56.697926] ffff8000054704e8 90000001000bb8b8 90000001000ba000 0000000000000000 [ 56.697931] 90000001000bb8d0 ---truncated---(CVE-2024-56629)\n\nIn the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix UAF in blkcg_unpin_online() blkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To walk up, it uses blkcg_parent(blkcg) but it was calling that after blkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the following UAF: ================================================================== BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270 Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117 CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022 Workqueue: cgwb_release cgwb_release_workfn Call Trace: dump_stack_lvl+0x27/0x80 print_report+0x151/0x710 kasan_report+0xc0/0x100 blkcg_unpin_online+0x15a/0x270 cgwb_release_workfn+0x194/0x480 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 ... Freed by task 1944: kasan_save_track+0x2b/0x70 kasan_save_free_info+0x3c/0x50 __kasan_slab_free+0x33/0x50 kfree+0x10c/0x330 css_free_rwork_fn+0xe6/0xb30 process_scheduled_works+0x71b/0xe20 worker_thread+0x82a/0xbd0 kthread+0x242/0x2c0 ret_from_fork+0x33/0x70 ret_from_fork_asm+0x1a/0x30 Note that the UAF is not easy to trigger as the free path is indirected behind a couple RCU grace periods and a work item execution. I could only trigger it with artifical msleep() injected in blkcg_unpin_online(). Fix it by reading the parent pointer before destroying the blkcg's blkg's.(CVE-2024-56672)\n\nIn the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahash_hmac_init function The ahash_init functions may return fails. The ahash_hmac_init should not return ok when ahash_init returns error. For an example, ahash_init will return -ENOMEM when allocation memory is error.(CVE-2024-56681)\n\nIn the Linux kernel, the following vulnerability has been resolved: ext4: fix race in buffer_head read fault injection When I enabled ext4 debug for fault injection testing, I encountered the following warning: EXT4-fs error (device sda): ext4_read_inode_bitmap:201: comm fsstress: Cannot read inode bitmap - block_group = 8, inode_bitmap = 1051 WARNING: CPU: 0 PID: 511 at fs/buffer.c:1181 mark_buffer_dirty+0x1b3/0x1d0 The root cause of the issue lies in the improper implementation of ext4's buffer_head read fault injection. The actual completion of buffer_head read and the buffer_head fault injection are not atomic, which can lead to the uptodate flag being cleared on normally used buffer_heads in race conditions. [CPU0] [CPU1] [CPU2] ext4_read_inode_bitmap ext4_read_bh() ext4_read_inode_bitmap if (buffer_uptodate(bh)) return bh jbd2_journal_commit_transaction __jbd2_journal_refile_buffer __jbd2_journal_unfile_buffer __jbd2_journal_temp_unlink_buffer ext4_simulate_fail_bh() clear_buffer_uptodate mark_buffer_dirty WARN_ON_ONCE(!buffer_uptodate(bh)) The best approach would be to perform fault injection in the IO completion callback function, rather than after IO completion. However, the IO completion callback function cannot get the fault injection code in sb. Fix it by passing the result of fault injection into the bh read function, we simulate faults within the bh read function itself. This requires adding an extra parameter to the bh read functions that need fault injection.(CVE-2024-56686)\n\nIn the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device While design wise the idea of converting the driver to use the hierarchy of the IRQ chips is correct, the implementation has (inherited) flaws. This was unveiled when platform_get_irq() had started WARN() on IRQ 0 that is supposed to be a Linux IRQ number (also known as vIRQ). Rework the driver to respect IRQ domain when creating each MFD device separately, as the domain is not the same for all of them.(CVE-2024-56691)\n\nIn the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node blkaddr in truncate_node() syzbot reports a f2fs bug as below: ------------[ cut here ]------------ kernel BUG at fs/f2fs/segment.c:2534! RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534 Call Trace: truncate_node+0x1ae/0x8c0 fs/f2fs/node.c:909 f2fs_remove_inode_page+0x5c2/0x870 fs/f2fs/node.c:1288 f2fs_evict_inode+0x879/0x15c0 fs/f2fs/inode.c:856 evict+0x4e8/0x9b0 fs/inode.c:723 f2fs_handle_failed_inode+0x271/0x2e0 fs/f2fs/inode.c:986 f2fs_create+0x357/0x530 fs/f2fs/namei.c:394 lookup_open fs/namei.c:3595 [inline] open_last_lookups fs/namei.c:3694 [inline] path_openat+0x1c03/0x3590 fs/namei.c:3930 do_filp_open+0x235/0x490 fs/namei.c:3960 do_sys_openat2+0x13e/0x1d0 fs/open.c:1415 do_sys_open fs/open.c:1430 [inline] __do_sys_openat fs/open.c:1446 [inline] __se_sys_openat fs/open.c:1441 [inline] __x64_sys_openat+0x247/0x2a0 fs/open.c:1441 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f RIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534 The root cause is: on a fuzzed image, blkaddr in nat entry may be corrupted, then it will cause system panic when using it in f2fs_invalidate_blocks(), to avoid this, let's add sanity check on nat blkaddr in truncate_node().(CVE-2024-56692)\n\nIn the Linux kernel, the following vulnerability has been resolved: media: wl128x: Fix atomicity violation in fmc_send_cmd() Atomicity violation occurs when the fmc_send_cmd() function is executed simultaneously with the modification of the fmdev->resp_skb value. Consider a scenario where, after passing the validity check within the function, a non-null fmdev->resp_skb variable is assigned a null value. This results in an invalid fmdev->resp_skb variable passing the validity check. As seen in the later part of the function, skb = fmdev->resp_skb; when the invalid fmdev->resp_skb passes the check, a null pointer dereference error may occur at line 478, evt_hdr = (void *)skb->data; To address this issue, it is recommended to include the validity check of fmdev->resp_skb within the locked section of the function. This modification ensures that the value of fmdev->resp_skb does not change during the validation process, thereby maintaining its validity. This possible bug is found by an experimental static analysis tool developed by our team. This tool analyzes the locking APIs to extract function pairs that can be concurrently executed, and then analyzes the instructions in the paired functions to identify possible concurrency bugs including data races and atomicity violations.(CVE-2024-56700)\n\nIn the Linux kernel, the following vulnerability has been resolved: io_uring: check if iowq is killed before queuing task work can be executed after the task has gone through io_uring termination, whether it's the final task_work run or the fallback path. In this case, task work will find ->io_wq being already killed and null'ed, which is a problem if it then tries to forward the request to io_queue_iowq(). Make io_queue_iowq() fail requests in this case. Note that it also checks PF_KTHREAD, because the user can first close a DEFER_TASKRUN ring and shortly after kill the task, in which case ->iowq check would race.(CVE-2024-56709)\n\nIn the Linux kernel, the following vulnerability has been resolved: rtc: check if __rtc_read_time was successful in rtc_timer_do_work() If the __rtc_read_time call fails,, the struct rtc_time tm; may contain uninitialized data, or an illegal date/time read from the RTC hardware. When calling rtc_tm_to_ktime later, the result may be a very large value (possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue, they will continually expire, may causing kernel softlockup.(CVE-2024-56739)\n\nIn the Linux kernel, the following vulnerability has been resolved: apparmor: test: Fix memory leak for aa_unpack_strdup() The string allocated by kmemdup() in aa_unpack_strdup() is not freed and cause following memory leaks, free them to fix it. unreferenced object 0xffffff80c6af8a50 (size 8): comm \"kunit_try_catch\", pid 225, jiffies 4294894407 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20 unreferenced object 0xffffff80c2a29090 (size 8): comm \"kunit_try_catch\", pid 227, jiffies 4294894409 hex dump (first 8 bytes): 74 65 73 74 69 6e 67 00 testing. backtrace (crc 5eab668b): [<0000000001e3714d>] kmemleak_alloc+0x34/0x40 [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0 [<000000006870467c>] kmemdup_noprof+0x34/0x60 [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c [<0000000046a45c1a>] policy_unpack_test_unpack_strdup_with_name+0xd0/0x3c4 [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec [<00000000adf936cf>] kthread+0x2e8/0x374 [<0000000041bb1628>] ret_from_fork+0x10/0x20(CVE-2024-56741)\n\nIn the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() Hook \"qedi_ops->common->sb_init = qed_sb_init\" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().(CVE-2024-56747)\n\nIn the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() Hook \"qed_ops->common->sb_init = qed_sb_init\" does not release the DMA memory sb_virt when it fails. Add dma_free_coherent() to free it. This is the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().(CVE-2024-56748)\n\nIn the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix freeing of the HMB descriptor table The HMB descriptor table is sized to the maximum number of descriptors that could be used for a given device, but __nvme_alloc_host_mem could break out of the loop earlier on memory allocation failure and end up using less descriptors than planned for, which leads to an incorrect size passed to dma_free_coherent. In practice this was not showing up because the number of descriptors tends to be low and the dma coherent allocator always allocates and frees at least a page.(CVE-2024-56756)\n\nIn the Linux kernel, the following vulnerability has been resolved: tracing: Prevent bad count for tracing_cpumask_write If a large count is provided, it will trigger a warning in bitmap_parse_user. Also check zero for it.(CVE-2024-56763)", "category":"general", "title":"Description" }, { "text":"An update for kernel is now available for openEuler-22.03-LTS-SP3.\n\nopenEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"High", "category":"general", "title":"Severity" }, { "text":"kernel", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-1033", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" }, { "summary":"CVE-2022-49034", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2022-49034&packageName=kernel" }, { "summary":"CVE-2024-47730", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-47730&packageName=kernel" }, { "summary":"CVE-2024-49907", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-49907&packageName=kernel" }, { "summary":"CVE-2024-50001", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50001&packageName=kernel" }, { "summary":"CVE-2024-50188", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50188&packageName=kernel" }, { "summary":"CVE-2024-50233", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50233&packageName=kernel" }, { "summary":"CVE-2024-50264", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-50264&packageName=kernel" }, { "summary":"CVE-2024-53146", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53146&packageName=kernel" }, { "summary":"CVE-2024-53147", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53147&packageName=kernel" }, { "summary":"CVE-2024-53155", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53155&packageName=kernel" }, { "summary":"CVE-2024-53158", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53158&packageName=kernel" }, { "summary":"CVE-2024-53161", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53161&packageName=kernel" }, { "summary":"CVE-2024-53165", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53165&packageName=kernel" }, { "summary":"CVE-2024-53173", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53173&packageName=kernel" }, { "summary":"CVE-2024-53185", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53185&packageName=kernel" }, { "summary":"CVE-2024-53187", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53187&packageName=kernel" }, { "summary":"CVE-2024-53194", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53194&packageName=kernel" }, { "summary":"CVE-2024-53197", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53197&packageName=kernel" }, { "summary":"CVE-2024-53217", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53217&packageName=kernel" }, { "summary":"CVE-2024-53218", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53218&packageName=kernel" }, { "summary":"CVE-2024-53219", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53219&packageName=kernel" }, { "summary":"CVE-2024-53221", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53221&packageName=kernel" }, { "summary":"CVE-2024-53224", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53224&packageName=kernel" }, { "summary":"CVE-2024-53227", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-53227&packageName=kernel" }, { "summary":"CVE-2024-56538", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56538&packageName=kernel" }, { "summary":"CVE-2024-56548", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56548&packageName=kernel" }, { "summary":"CVE-2024-56562", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56562&packageName=kernel" }, { "summary":"CVE-2024-56569", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56569&packageName=kernel" }, { "summary":"CVE-2024-56570", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56570&packageName=kernel" }, { "summary":"CVE-2024-56572", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56572&packageName=kernel" }, { "summary":"CVE-2024-56581", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56581&packageName=kernel" }, { "summary":"CVE-2024-56583", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56583&packageName=kernel" }, { "summary":"CVE-2024-56584", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56584&packageName=kernel" }, { "summary":"CVE-2024-56586", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56586&packageName=kernel" }, { "summary":"CVE-2024-56589", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56589&packageName=kernel" }, { "summary":"CVE-2024-56594", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56594&packageName=kernel" }, { "summary":"CVE-2024-56596", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56596&packageName=kernel" }, { "summary":"CVE-2024-56598", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56598&packageName=kernel" }, { "summary":"CVE-2024-56604", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56604&packageName=kernel" }, { "summary":"CVE-2024-56605", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56605&packageName=kernel" }, { "summary":"CVE-2024-56608", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56608&packageName=kernel" }, { "summary":"CVE-2024-56615", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56615&packageName=kernel" }, { "summary":"CVE-2024-56619", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56619&packageName=kernel" }, { "summary":"CVE-2024-56627", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56627&packageName=kernel" }, { "summary":"CVE-2024-56629", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56629&packageName=kernel" }, { "summary":"CVE-2024-56672", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56672&packageName=kernel" }, { "summary":"CVE-2024-56681", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56681&packageName=kernel" }, { "summary":"CVE-2024-56686", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56686&packageName=kernel" }, { "summary":"CVE-2024-56691", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56691&packageName=kernel" }, { "summary":"CVE-2024-56692", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56692&packageName=kernel" }, { "summary":"CVE-2024-56700", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56700&packageName=kernel" }, { "summary":"CVE-2024-56709", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56709&packageName=kernel" }, { "summary":"CVE-2024-56739", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56739&packageName=kernel" }, { "summary":"CVE-2024-56741", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56741&packageName=kernel" }, { "summary":"CVE-2024-56747", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56747&packageName=kernel" }, { "summary":"CVE-2024-56748", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56748&packageName=kernel" }, { "summary":"CVE-2024-56756", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56756&packageName=kernel" }, { "summary":"CVE-2024-56763", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2024-56763&packageName=kernel" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-49034" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-47730" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-49907" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50001" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50188" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50233" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-50264" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53146" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53147" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53155" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53158" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53161" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53165" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53173" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53185" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53187" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53194" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53197" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53217" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53218" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53219" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53221" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53224" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-53227" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56538" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56548" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56562" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56569" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56570" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56572" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56581" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56583" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56584" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56586" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56589" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56594" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56596" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56598" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56604" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56605" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56608" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56615" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56619" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56627" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56629" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56672" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56681" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56686" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56691" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56692" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56700" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56709" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56739" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56741" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56747" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56748" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56756" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-56763" }, { "summary":"openEuler-SA-2025-1033 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-1033.json" } ], "title":"An update for kernel is now available for openEuler-22.03-LTS-SP3", "tracking":{ "initial_release_date":"2025-01-10T21:10:49+08:00", "revision_history":[ { "date":"2025-01-10T21:10:49+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-01-10T21:10:49+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-01-10T21:10:49+08:00", "id":"openEuler-SA-2025-1033", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"openEuler-22.03-LTS-SP3", "name":"openEuler-22.03-LTS-SP3" }, "name":"openEuler-22.03-LTS-SP3", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-245.0.0.147.oe2203sp3.src.rpm", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.src.rpm" }, "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:22.03-LTS-SP3" }, "product_id":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm" }, "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"perf-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-245.0.0.147.oe2203sp3.src.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.src as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"perf-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-22.03-LTS-SP3", "product_reference":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "name":"python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64 as a component of openEuler-22.03-LTS-SP3" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2022-49034", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK\n\nWhen CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS are selected,\ncpu_max_bits_warn() generates a runtime warning similar as below when\nshowing /proc/cpuinfo. Fix this by using nr_cpu_ids (the runtime limit)\ninstead of NR_CPUS to iterate CPUs.\n\n[ 3.052463] ------------[ cut here ]------------\n[ 3.059679] WARNING: CPU: 3 PID: 1 at include/linux/cpumask.h:108 show_cpuinfo+0x5e8/0x5f0\n[ 3.070072] Modules linked in: efivarfs autofs4\n[ 3.076257] CPU: 0 PID: 1 Comm: systemd Not tainted 5.19-rc5+ #1052\n[ 3.099465] Stack : 9000000100157b08 9000000000f18530 9000000000cf846c 9000000100154000\n[ 3.109127] 9000000100157a50 0000000000000000 9000000100157a58 9000000000ef7430\n[ 3.118774] 90000001001578e8 0000000000000040 0000000000000020 ffffffffffffffff\n[ 3.128412] 0000000000aaaaaa 1ab25f00eec96a37 900000010021de80 900000000101c890\n[ 3.138056] 0000000000000000 0000000000000000 0000000000000000 0000000000aaaaaa\n[ 3.147711] ffff8000339dc220 0000000000000001 0000000006ab4000 0000000000000000\n[ 3.157364] 900000000101c998 0000000000000004 9000000000ef7430 0000000000000000\n[ 3.167012] 0000000000000009 000000000000006c 0000000000000000 0000000000000000\n[ 3.176641] 9000000000d3de08 9000000001639390 90000000002086d8 00007ffff0080286\n[ 3.186260] 00000000000000b0 0000000000000004 0000000000000000 0000000000071c1c\n[ 3.195868] ...\n[ 3.199917] Call Trace:\n[ 3.203941] [<90000000002086d8>] show_stack+0x38/0x14c\n[ 3.210666] [<9000000000cf846c>] dump_stack_lvl+0x60/0x88\n[ 3.217625] [<900000000023d268>] __warn+0xd0/0x100\n[ 3.223958] [<9000000000cf3c90>] warn_slowpath_fmt+0x7c/0xcc\n[ 3.231150] [<9000000000210220>] show_cpuinfo+0x5e8/0x5f0\n[ 3.238080] [<90000000004f578c>] seq_read_iter+0x354/0x4b4\n[ 3.245098] [<90000000004c2e90>] new_sync_read+0x17c/0x1c4\n[ 3.252114] [<90000000004c5174>] vfs_read+0x138/0x1d0\n[ 3.258694] [<90000000004c55f8>] ksys_read+0x70/0x100\n[ 3.265265] [<9000000000cfde9c>] do_syscall+0x7c/0x94\n[ 3.271820] [<9000000000202fe4>] handle_syscall+0xc4/0x160\n[ 3.281824] ---[ end trace 8b484262b4b8c24c ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2022-49034" }, { "cve":"CVE-2024-47730", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: hisilicon/qm - inject error before stopping queue\n\nThe master ooo cannot be completely closed when the\naccelerator core reports memory error. Therefore, the driver\nneeds to inject the qm error to close the master ooo. Currently,\nthe qm error is injected after stopping queue, memory may be\nreleased immediately after stopping queue, causing the device to\naccess the released memory. Therefore, error is injected to close master\nooo before stopping queue to ensure that the device does not access\nthe released memory.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-47730" }, { "cve":"CVE-2024-49907", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check null pointers before using dc->clk_mgr\n\n[WHY & HOW]\ndc->clk_mgr is null checked previously in the same function, indicating\nit might be null.\n\nPassing \"dc\" to \"dc->hwss.apply_idle_power_optimizations\", which\ndereferences null \"dc->clk_mgr\". (The function pointer resolves to\n\"dcn35_apply_idle_power_optimizations\".)\n\nThis fixes 1 FORWARD_NULL issue reported by Coverity.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-49907" }, { "cve":"CVE-2024-50001", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix error path in multi-packet WQE transmit\n\nRemove the erroneous unmap in case no DMA mapping was established\n\nThe multi-packet WQE transmit code attempts to obtain a DMA mapping for\nthe skb. This could fail, e.g. under memory pressure, when the IOMMU\ndriver just can't allocate more memory for page tables. While the code\ntries to handle this in the path below the err_unmap label it erroneously\nunmaps one entry from the sq's FIFO list of active mappings. Since the\ncurrent map attempt failed this unmap is removing some random DMA mapping\nthat might still be required. If the PCI function now presents that IOVA,\nthe IOMMU may assumes a rogue DMA access and e.g. on s390 puts the PCI\nfunction in error state.\n\nThe erroneous behavior was seen in a stress-test environment that created\nmemory pressure.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50001" }, { "cve":"CVE-2024-50188", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: dp83869: fix memory corruption when enabling fiber\n\nWhen configuring the fiber port, the DP83869 PHY driver incorrectly\ncalls linkmode_set_bit() with a bit mask (1 << 10) rather than a bit\nnumber (10). This corrupts some other memory location -- in case of\narm64 the priv pointer in the same structure.\n\nSince the advertising flags are updated from supported at the end of the\nfunction the incorrect line isn't needed at all and can be removed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50188" }, { "cve":"CVE-2024-50233", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nstaging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg()\n\nIn the ad9832_write_frequency() function, clk_get_rate() might return 0.\nThis can lead to a division by zero when calling ad9832_calc_freqreg().\nThe check if (fout > (clk_get_rate(st->mclk) / 2)) does not protect\nagainst the case when fout is 0. The ad9832_write_frequency() function\nis called from ad9832_write(), and fout is derived from a text buffer,\nwhich can contain any value.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-50233" }, { "cve":"CVE-2024-50264", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvsock/virtio: Initialization of the dangling pointer occurring in vsk->trans\n\nDuring loopback communication, a dangling pointer can be created in\nvsk->trans, potentially leading to a Use-After-Free condition. This\nissue is resolved by initializing vsk->trans to NULL.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-50264" }, { "cve":"CVE-2024-53146", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is >= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53146" }, { "cve":"CVE-2024-53147", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nexfat: fix out-of-bounds access of directory entries\n\nIn the case of the directory size is greater than or equal to\nthe cluster size, if start_clu becomes an EOF cluster(an invalid\ncluster) due to file system corruption, then the directory entry\nwhere ei->hint_femp.eidx hint is outside the directory, resulting\nin an out-of-bounds access, which may cause further file system\ncorruption.\n\nThis commit adds a check for start_clu, if it is an invalid cluster,\nthe file or directory will be treated as empty.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53147" }, { "cve":"CVE-2024-53155", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: fix uninitialized value in ocfs2_file_read_iter()\n\nSyzbot has reported the following KMSAN splat:\n\nBUG: KMSAN: uninit-value in ocfs2_file_read_iter+0x9a4/0xf80\n ocfs2_file_read_iter+0x9a4/0xf80\n __io_read+0x8d4/0x20f0\n io_read+0x3e/0xf0\n io_issue_sqe+0x42b/0x22c0\n io_wq_submit_work+0xaf9/0xdc0\n io_worker_handle_work+0xd13/0x2110\n io_wq_worker+0x447/0x1410\n ret_from_fork+0x6f/0x90\n ret_from_fork_asm+0x1a/0x30\n\nUninit was created at:\n __alloc_pages_noprof+0x9a7/0xe00\n alloc_pages_mpol_noprof+0x299/0x990\n alloc_pages_noprof+0x1bf/0x1e0\n allocate_slab+0x33a/0x1250\n ___slab_alloc+0x12ef/0x35e0\n kmem_cache_alloc_bulk_noprof+0x486/0x1330\n __io_alloc_req_refill+0x84/0x560\n io_submit_sqes+0x172f/0x2f30\n __se_sys_io_uring_enter+0x406/0x41c0\n __x64_sys_io_uring_enter+0x11f/0x1a0\n x64_sys_call+0x2b54/0x3ba0\n do_syscall_64+0xcd/0x1e0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nSince an instance of 'struct kiocb' may be passed from the block layer\nwith 'private' field uninitialized, introduce 'ocfs2_iocb_init_rw_locked()'\nand use it from where 'ocfs2_dio_end_io()' might take care, i.e. in\n'ocfs2_file_read_iter()' and 'ocfs2_file_write_iter()'.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.1, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53155" }, { "cve":"CVE-2024-53158", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()\n\nThis loop is supposed to break if the frequency returned from\nclk_round_rate() is the same as on the previous iteration. However,\nthat check doesn't make sense on the first iteration through the loop.\nIt leads to reading before the start of these->clk_perf_tbl[] array.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-53158" }, { "cve":"CVE-2024-53161", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nEDAC/bluefield: Fix potential integer overflow\n\nThe 64-bit argument for the \"get DIMM info\" SMC call consists of mem_ctrl_idx\nleft-shifted 16 bits and OR-ed with DIMM index. With mem_ctrl_idx defined as\n32-bits wide the left-shift operation truncates the upper 16 bits of\ninformation during the calculation of the SMC argument.\n\nThe mem_ctrl_idx stack variable must be defined as 64-bits wide to prevent any\npotential integer overflow, i.e. loss of data from upper 16 bits.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.8, "vectorString":"CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-53161" }, { "cve":"CVE-2024-53165", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsh: intc: Fix use-after-free bug in register_intc_controller()\n\nIn the error handling for this function, d is freed without ever\nremoving it from intc_list which would lead to a use after free.\nTo fix this, let's only add it to the list after everything has\nsucceeded.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-53165" }, { "cve":"CVE-2024-53173", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-53173" }, { "cve":"CVE-2024-53185", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix NULL ptr deref in crypto_aead_setkey()\n\nNeither SMB3.0 or SMB3.02 supports encryption negotiate context, so\nwhen SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response,\nthe client uses AES-128-CCM as the default cipher. See MS-SMB2\n3.3.5.4.\n\nCommit b0abcd65ec54 (\"smb: client: fix UAF in async decryption\") added\na @server->cipher_type check to conditionally call\nsmb3_crypto_aead_allocate(), but that check would always be false as\n@server->cipher_type is unset for SMB3.02.\n\nFix the following KASAN splat by setting @server->cipher_type for\nSMB3.02 as well.\n\nmount.cifs //srv/share /mnt -o vers=3.02,seal,...\n\nBUG: KASAN: null-ptr-deref in crypto_aead_setkey+0x2c/0x130\nRead of size 8 at addr 0000000000000020 by task mount.cifs/1095\nCPU: 1 UID: 0 PID: 1095 Comm: mount.cifs Not tainted 6.12.0 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-3.fc41\n04/01/2014\nCall Trace:\n \n dump_stack_lvl+0x5d/0x80\n ? crypto_aead_setkey+0x2c/0x130\n kasan_report+0xda/0x110\n ? crypto_aead_setkey+0x2c/0x130\n crypto_aead_setkey+0x2c/0x130\n crypt_message+0x258/0xec0 [cifs]\n ? __asan_memset+0x23/0x50\n ? __pfx_crypt_message+0x10/0x10 [cifs]\n ? mark_lock+0xb0/0x6a0\n ? hlock_class+0x32/0xb0\n ? mark_lock+0xb0/0x6a0\n smb3_init_transform_rq+0x352/0x3f0 [cifs]\n ? lock_acquire.part.0+0xf4/0x2a0\n smb_send_rqst+0x144/0x230 [cifs]\n ? __pfx_smb_send_rqst+0x10/0x10 [cifs]\n ? hlock_class+0x32/0xb0\n ? smb2_setup_request+0x225/0x3a0 [cifs]\n ? __pfx_cifs_compound_last_callback+0x10/0x10 [cifs]\n compound_send_recv+0x59b/0x1140 [cifs]\n ? __pfx_compound_send_recv+0x10/0x10 [cifs]\n ? __create_object+0x5e/0x90\n ? hlock_class+0x32/0xb0\n ? do_raw_spin_unlock+0x9a/0xf0\n cifs_send_recv+0x23/0x30 [cifs]\n SMB2_tcon+0x3ec/0xb30 [cifs]\n ? __pfx_SMB2_tcon+0x10/0x10 [cifs]\n ? lock_acquire.part.0+0xf4/0x2a0\n ? __pfx_lock_release+0x10/0x10\n ? do_raw_spin_trylock+0xc6/0x120\n ? lock_acquire+0x3f/0x90\n ? _get_xid+0x16/0xd0 [cifs]\n ? __pfx_SMB2_tcon+0x10/0x10 [cifs]\n ? cifs_get_smb_ses+0xcdd/0x10a0 [cifs]\n cifs_get_smb_ses+0xcdd/0x10a0 [cifs]\n ? __pfx_cifs_get_smb_ses+0x10/0x10 [cifs]\n ? cifs_get_tcp_session+0xaa0/0xca0 [cifs]\n cifs_mount_get_session+0x8a/0x210 [cifs]\n dfs_mount_share+0x1b0/0x11d0 [cifs]\n ? __pfx___lock_acquire+0x10/0x10\n ? __pfx_dfs_mount_share+0x10/0x10 [cifs]\n ? lock_acquire.part.0+0xf4/0x2a0\n ? find_held_lock+0x8a/0xa0\n ? hlock_class+0x32/0xb0\n ? lock_release+0x203/0x5d0\n cifs_mount+0xb3/0x3d0 [cifs]\n ? do_raw_spin_trylock+0xc6/0x120\n ? __pfx_cifs_mount+0x10/0x10 [cifs]\n ? lock_acquire+0x3f/0x90\n ? find_nls+0x16/0xa0\n ? smb3_update_mnt_flags+0x372/0x3b0 [cifs]\n cifs_smb3_do_mount+0x1e2/0xc80 [cifs]\n ? __pfx_vfs_parse_fs_string+0x10/0x10\n ? __pfx_cifs_smb3_do_mount+0x10/0x10 [cifs]\n smb3_get_tree+0x1bf/0x330 [cifs]\n vfs_get_tree+0x4a/0x160\n path_mount+0x3c1/0xfb0\n ? kasan_quarantine_put+0xc7/0x1d0\n ? __pfx_path_mount+0x10/0x10\n ? kmem_cache_free+0x118/0x3e0\n ? user_path_at+0x74/0xa0\n __x64_sys_mount+0x1a6/0x1e0\n ? __pfx___x64_sys_mount+0x10/0x10\n ? mark_held_locks+0x1a/0x90\n do_syscall_64+0xbb/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53185" }, { "cve":"CVE-2024-53187", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check for overflows in io_pin_pages\n\nWARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144\nCPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller #0\nCall Trace:\n \n __io_uaddr_map+0xfb/0x2d0 io_uring/memmap.c:183\n io_rings_map io_uring/io_uring.c:2611 [inline]\n io_allocate_scq_urings+0x1c0/0x650 io_uring/io_uring.c:3470\n io_uring_create+0x5b5/0xc00 io_uring/io_uring.c:3692\n io_uring_setup io_uring/io_uring.c:3781 [inline]\n ...\n \n\nio_pin_pages()'s uaddr parameter came directly from the user and can be\ngarbage. Don't just add size to it as it can overflow.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.6, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53187" }, { "cve":"CVE-2024-53194", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: Fix use-after-free of slot->bus on hot remove\n\nDennis reports a boot crash on recent Lenovo laptops with a USB4 dock.\n\nSince commit 0fc70886569c (\"thunderbolt: Reset USB4 v2 host router\") and\ncommit 59a54c5f3dbd (\"thunderbolt: Reset topology created by the boot\nfirmware\"), USB4 v2 and v1 Host Routers are reset on probe of the\nthunderbolt driver.\n\nThe reset clears the Presence Detect State and Data Link Layer Link Active\nbits at the USB4 Host Router's Root Port and thus causes hot removal of the\ndock.\n\nThe crash occurs when pciehp is unbound from one of the dock's Downstream\nPorts: pciehp creates a pci_slot on bind and destroys it on unbind. The\npci_slot contains a pointer to the pci_bus below the Downstream Port, but\na reference on that pci_bus is never acquired. The pci_bus is destroyed\nbefore the pci_slot, so a use-after-free ensues when pci_slot_release()\naccesses slot->bus.\n\nIn principle this should not happen because pci_stop_bus_device() unbinds\npciehp (and therefore destroys the pci_slot) before the pci_bus is\ndestroyed by pci_remove_bus_device().\n\nHowever the stacktrace provided by Dennis shows that pciehp is unbound from\npci_remove_bus_device() instead of pci_stop_bus_device(). To understand\nthe significance of this, one needs to know that the PCI core uses a two\nstep process to remove a portion of the hierarchy: It first unbinds all\ndrivers in the sub-hierarchy in pci_stop_bus_device() and then actually\nremoves the devices in pci_remove_bus_device(). There is no precaution to\nprevent driver binding in-between pci_stop_bus_device() and\npci_remove_bus_device().\n\nIn Dennis' case, it seems removal of the hierarchy by pciehp races with\ndriver binding by pci_bus_add_devices(). pciehp is bound to the\nDownstream Port after pci_stop_bus_device() has run, so it is unbound by\npci_remove_bus_device() instead of pci_stop_bus_device(). Because the\npci_bus has already been destroyed at that point, accesses to it result in\na use-after-free.\n\nOne might conclude that driver binding needs to be prevented after\npci_stop_bus_device() has run. However it seems risky that pci_slot points\nto pci_bus without holding a reference. Solely relying on correct ordering\nof driver unbind versus pci_bus destruction is certainly not defensive\nprogramming.\n\nIf pci_slot has a need to access data in pci_bus, it ought to acquire a\nreference. Amend pci_create_slot() accordingly. Dennis reports that the\ncrash is not reproducible with this change.\n\nAbridged stacktrace:\n\n pcieport 0000:00:07.0: PME: Signaling with IRQ 156\n pcieport 0000:00:07.0: pciehp: Slot #12 AttnBtn- PwrCtrl- MRL- AttnInd- PwrInd- HotPlug+ Surprise+ Interlock- NoCompl+ IbPresDis- LLActRep+\n pci_bus 0000:20: dev 00, created physical slot 12\n pcieport 0000:00:07.0: pciehp: Slot(12): Card not present\n ...\n pcieport 0000:21:02.0: pciehp: pcie_disable_notification: SLOTCTRL d8 write cmd 0\n Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 13 UID: 0 PID: 134 Comm: irq/156-pciehp Not tainted 6.11.0-devel+ #1\n RIP: 0010:dev_driver_string+0x12/0x40\n pci_destroy_slot\n pciehp_remove\n pcie_port_remove_service\n device_release_driver_internal\n bus_remove_device\n device_del\n device_unregister\n remove_iter\n device_for_each_child\n pcie_portdrv_remove\n pci_device_remove\n device_release_driver_internal\n bus_remove_device\n device_del\n pci_remove_bus_device (recursive invocation)\n pci_remove_bus_device\n pciehp_unconfigure_device\n pciehp_disable_slot\n pciehp_handle_presence_or_link_change\n pciehp_ist", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53194" }, { "cve":"CVE-2024-53197", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices\n\nA bogus device can provide a bNumConfigurations value that exceeds the\ninitial value used in usb_get_configuration for allocating dev->config.\n\nThis can lead to out-of-bounds accesses later, e.g. in\nusb_destroy_configuration.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53197" }, { "cve":"CVE-2024-53217", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent NULL dereference in nfsd4_process_cb_update()\n\n@ses is initialized to NULL. If __nfsd4_find_backchannel() finds no\navailable backchannel session, setup_callback_client() will try to\ndereference @ses and segfault.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53217" }, { "cve":"CVE-2024-53218", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix race in concurrent f2fs_stop_gc_thread\n\nIn my test case, concurrent calls to f2fs shutdown report the following\nstack trace:\n\n Oops: general protection fault, probably for non-canonical address 0xc6cfff63bb5513fc: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 UID: 0 PID: 678 Comm: f2fs_rep_shutdo Not tainted 6.12.0-rc5-next-20241029-g6fb2fa9805c5-dirty #85\n Call Trace:\n \n ? show_regs+0x8b/0xa0\n ? __die_body+0x26/0xa0\n ? die_addr+0x54/0x90\n ? exc_general_protection+0x24b/0x5c0\n ? asm_exc_general_protection+0x26/0x30\n ? kthread_stop+0x46/0x390\n f2fs_stop_gc_thread+0x6c/0x110\n f2fs_do_shutdown+0x309/0x3a0\n f2fs_ioc_shutdown+0x150/0x1c0\n __f2fs_ioctl+0xffd/0x2ac0\n f2fs_ioctl+0x76/0xe0\n vfs_ioctl+0x23/0x60\n __x64_sys_ioctl+0xce/0xf0\n x64_sys_call+0x2b1b/0x4540\n do_syscall_64+0xa7/0x240\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nThe root cause is a race condition in f2fs_stop_gc_thread() called from\ndifferent f2fs shutdown paths:\n\n [CPU0] [CPU1]\n ---------------------- -----------------------\n f2fs_stop_gc_thread f2fs_stop_gc_thread\n gc_th = sbi->gc_thread\n gc_th = sbi->gc_thread\n kfree(gc_th)\n sbi->gc_thread = NULL\n < gc_th != NULL >\n kthread_stop(gc_th->f2fs_gc_task) //UAF\n\nThe commit c7f114d864ac (\"f2fs: fix to avoid use-after-free in\nf2fs_stop_gc_thread()\") attempted to fix this issue by using a read\nsemaphore to prevent races between shutdown and remount threads, but\nit fails to prevent all race conditions.\n\nFix it by converting to write lock of s_umount in f2fs_do_shutdown().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.7, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53218" }, { "cve":"CVE-2024-53219", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nvirtiofs: use pages instead of pointer for kernel direct IO\n\nWhen trying to insert a 10MB kernel module kept in a virtio-fs with cache\ndisabled, the following warning was reported:\n\n ------------[ cut here ]------------\n WARNING: CPU: 1 PID: 404 at mm/page_alloc.c:4551 ......\n Modules linked in:\n CPU: 1 PID: 404 Comm: insmod Not tainted 6.9.0-rc5+ #123\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:__alloc_pages+0x2bf/0x380\n ......\n Call Trace:\n \n ? __warn+0x8e/0x150\n ? __alloc_pages+0x2bf/0x380\n __kmalloc_large_node+0x86/0x160\n __kmalloc+0x33c/0x480\n virtio_fs_enqueue_req+0x240/0x6d0\n virtio_fs_wake_pending_and_unlock+0x7f/0x190\n queue_request_and_unlock+0x55/0x60\n fuse_simple_request+0x152/0x2b0\n fuse_direct_io+0x5d2/0x8c0\n fuse_file_read_iter+0x121/0x160\n __kernel_read+0x151/0x2d0\n kernel_read+0x45/0x50\n kernel_read_file+0x1a9/0x2a0\n init_module_from_file+0x6a/0xe0\n idempotent_init_module+0x175/0x230\n __x64_sys_finit_module+0x5d/0xb0\n x64_sys_call+0x1c3/0x9e0\n do_syscall_64+0x3d/0xc0\n entry_SYSCALL_64_after_hwframe+0x4b/0x53\n ......\n \n ---[ end trace 0000000000000000 ]---\n\nThe warning is triggered as follows:\n\n1) syscall finit_module() handles the module insertion and it invokes\nkernel_read_file() to read the content of the module first.\n\n2) kernel_read_file() allocates a 10MB buffer by using vmalloc() and\npasses it to kernel_read(). kernel_read() constructs a kvec iter by\nusing iov_iter_kvec() and passes it to fuse_file_read_iter().\n\n3) virtio-fs disables the cache, so fuse_file_read_iter() invokes\nfuse_direct_io(). As for now, the maximal read size for kvec iter is\nonly limited by fc->max_read. For virtio-fs, max_read is UINT_MAX, so\nfuse_direct_io() doesn't split the 10MB buffer. It saves the address and\nthe size of the 10MB-sized buffer in out_args[0] of a fuse request and\npasses the fuse request to virtio_fs_wake_pending_and_unlock().\n\n4) virtio_fs_wake_pending_and_unlock() uses virtio_fs_enqueue_req() to\nqueue the request. Because virtiofs need DMA-able address, so\nvirtio_fs_enqueue_req() uses kmalloc() to allocate a bounce buffer for\nall fuse args, copies these args into the bounce buffer and passed the\nphysical address of the bounce buffer to virtiofsd. The total length of\nthese fuse args for the passed fuse request is about 10MB, so\ncopy_args_to_argbuf() invokes kmalloc() with a 10MB size parameter and\nit triggers the warning in __alloc_pages():\n\n\tif (WARN_ON_ONCE_GFP(order > MAX_PAGE_ORDER, gfp))\n\t\treturn NULL;\n\n5) virtio_fs_enqueue_req() will retry the memory allocation in a\nkworker, but it won't help, because kmalloc() will always return NULL\ndue to the abnormal size and finit_module() will hang forever.\n\nA feasible solution is to limit the value of max_read for virtio-fs, so\nthe length passed to kmalloc() will be limited. However it will affect\nthe maximal read size for normal read. And for virtio-fs write initiated\nfrom kernel, it has the similar problem but now there is no way to limit\nfc->max_write in kernel.\n\nSo instead of limiting both the values of max_read and max_write in\nkernel, introducing use_pages_for_kvec_io in fuse_conn and setting it as\ntrue in virtiofs. When use_pages_for_kvec_io is enabled, fuse will use\npages instead of pointer to pass the KVEC_IO data.\n\nAfter switching to pages for KVEC_IO data, these pages will be used for\nDMA through virtio-fs. If these pages are backed by vmalloc(),\n{flush|invalidate}_kernel_vmap_range() are necessary to flush or\ninvalidate the cache before the DMA operation. So add two new fields in\nfuse_args_pages to record the base address of vmalloc area and the\ncondition indicating whether invalidation is needed. Perform the flush\nin fuse_get_user_pages() for write operations and the invalidation in\nfuse_release_user_pages() for read operations.\n\nIt may seem necessary to introduce another fie\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":4.6, "vectorString":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53219" }, { "cve":"CVE-2024-53221", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix null-ptr-deref in f2fs_submit_page_bio()\n\nThere's issue as follows when concurrently installing the f2fs.ko\nmodule and mounting the f2fs file system:\nKASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]\nRIP: 0010:__bio_alloc+0x2fb/0x6c0 [f2fs]\nCall Trace:\n \n f2fs_submit_page_bio+0x126/0x8b0 [f2fs]\n __get_meta_page+0x1d4/0x920 [f2fs]\n get_checkpoint_version.constprop.0+0x2b/0x3c0 [f2fs]\n validate_checkpoint+0xac/0x290 [f2fs]\n f2fs_get_valid_checkpoint+0x207/0x950 [f2fs]\n f2fs_fill_super+0x1007/0x39b0 [f2fs]\n mount_bdev+0x183/0x250\n legacy_get_tree+0xf4/0x1e0\n vfs_get_tree+0x88/0x340\n do_new_mount+0x283/0x5e0\n path_mount+0x2b2/0x15b0\n __x64_sys_mount+0x1fe/0x270\n do_syscall_64+0x5f/0x170\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n\nAbove issue happens as the biset of the f2fs file system is not\ninitialized before register \"f2fs_fs_type\".\nTo address above issue just register \"f2fs_fs_type\" at the last in\ninit_f2fs_fs(). Ensure that all f2fs file system resources are\ninitialized.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53221" }, { "cve":"CVE-2024-53224", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Move events notifier registration to be after device registration\n\nMove pkey change work initialization and cleanup from device resources\nstage to notifier stage, since this is the stage which handles this work\nevents.\n\nFix a race between the device deregistration and pkey change work by moving\nMLX5_IB_STAGE_DEVICE_NOTIFIER to be after MLX5_IB_STAGE_IB_REG in order to\nensure that the notifier is deregistered before the device during cleanup.\nWhich ensures there are no works that are being executed after the\ndevice has already unregistered which can cause the panic below.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 1 PID: 630071 Comm: kworker/1:2 Kdump: loaded Tainted: G W OE --------- --- 5.14.0-162.6.1.el9_1.x86_64 #1\nHardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090008 02/27/2023\nWorkqueue: events pkey_change_handler [mlx5_ib]\nRIP: 0010:setup_qp+0x38/0x1f0 [mlx5_ib]\nCode: ee 41 54 45 31 e4 55 89 f5 53 48 89 fb 48 83 ec 20 8b 77 08 65 48 8b 04 25 28 00 00 00 48 89 44 24 18 48 8b 07 48 8d 4c 24 16 <4c> 8b 38 49 8b 87 80 0b 00 00 4c 89 ff 48 8b 80 08 05 00 00 8b 40\nRSP: 0018:ffffbcc54068be20 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff954054494128 RCX: ffffbcc54068be36\nRDX: ffff954004934000 RSI: 0000000000000001 RDI: ffff954054494128\nRBP: 0000000000000023 R08: ffff954001be2c20 R09: 0000000000000001\nR10: ffff954001be2c20 R11: ffff9540260133c0 R12: 0000000000000000\nR13: 0000000000000023 R14: 0000000000000000 R15: ffff9540ffcb0905\nFS: 0000000000000000(0000) GS:ffff9540ffc80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 000000010625c001 CR4: 00000000003706e0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\nmlx5_ib_gsi_pkey_change+0x20/0x40 [mlx5_ib]\nprocess_one_work+0x1e8/0x3c0\nworker_thread+0x50/0x3b0\n? rescuer_thread+0x380/0x380\nkthread+0x149/0x170\n? set_kthread_struct+0x50/0x50\nret_from_fork+0x22/0x30\nModules linked in: rdma_ucm(OE) rdma_cm(OE) iw_cm(OE) ib_ipoib(OE) ib_cm(OE) ib_umad(OE) mlx5_ib(OE) mlx5_fwctl(OE) fwctl(OE) ib_uverbs(OE) mlx5_core(OE) mlxdevm(OE) ib_core(OE) mlx_compat(OE) psample mlxfw(OE) tls knem(OE) netconsole nfsv3 nfs_acl nfs lockd grace fscache netfs qrtr rfkill sunrpc intel_rapl_msr intel_rapl_common rapl hv_balloon hv_utils i2c_piix4 pcspkr joydev fuse ext4 mbcache jbd2 sr_mod sd_mod cdrom t10_pi sg ata_generic pci_hyperv pci_hyperv_intf hyperv_drm drm_shmem_helper drm_kms_helper hv_storvsc syscopyarea hv_netvsc sysfillrect sysimgblt hid_hyperv fb_sys_fops scsi_transport_fc hyperv_keyboard drm ata_piix crct10dif_pclmul crc32_pclmul crc32c_intel libata ghash_clmulni_intel hv_vmbus serio_raw [last unloaded: ib_core]\nCR2: 0000000000000000\n---[ end trace f6f8be4eae12f7bc ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-53224" }, { "cve":"CVE-2024-53227", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Fix use-after-free in bfad_im_module_exit()\n\nBUG: KASAN: slab-use-after-free in __lock_acquire+0x2aca/0x3a20\nRead of size 8 at addr ffff8881082d80c8 by task modprobe/25303\n\nCall Trace:\n \n dump_stack_lvl+0x95/0xe0\n print_report+0xcb/0x620\n kasan_report+0xbd/0xf0\n __lock_acquire+0x2aca/0x3a20\n lock_acquire+0x19b/0x520\n _raw_spin_lock+0x2b/0x40\n attribute_container_unregister+0x30/0x160\n fc_release_transport+0x19/0x90 [scsi_transport_fc]\n bfad_im_module_exit+0x23/0x60 [bfa]\n bfad_init+0xdb/0xff0 [bfa]\n do_one_initcall+0xdc/0x550\n do_init_module+0x22d/0x6b0\n load_module+0x4e96/0x5ff0\n init_module_from_file+0xcd/0x130\n idempotent_init_module+0x330/0x620\n __x64_sys_finit_module+0xb3/0x110\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n \n\nAllocated by task 25303:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x7f/0x90\n fc_attach_transport+0x4f/0x4740 [scsi_transport_fc]\n bfad_im_module_init+0x17/0x80 [bfa]\n bfad_init+0x23/0xff0 [bfa]\n do_one_initcall+0xdc/0x550\n do_init_module+0x22d/0x6b0\n load_module+0x4e96/0x5ff0\n init_module_from_file+0xcd/0x130\n idempotent_init_module+0x330/0x620\n __x64_sys_finit_module+0xb3/0x110\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nFreed by task 25303:\n kasan_save_stack+0x24/0x50\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n __kasan_slab_free+0x38/0x50\n kfree+0x212/0x480\n bfad_im_module_init+0x7e/0x80 [bfa]\n bfad_init+0x23/0xff0 [bfa]\n do_one_initcall+0xdc/0x550\n do_init_module+0x22d/0x6b0\n load_module+0x4e96/0x5ff0\n init_module_from_file+0xcd/0x130\n idempotent_init_module+0x330/0x620\n __x64_sys_finit_module+0xb3/0x110\n do_syscall_64+0xc1/0x1d0\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\nAbove issue happens as follows:\n\nbfad_init\n error = bfad_im_module_init()\n fc_release_transport(bfad_im_scsi_transport_template);\n if (error)\n goto ext;\n\next:\n bfad_im_module_exit();\n fc_release_transport(bfad_im_scsi_transport_template);\n --> Trigger double release\n\nDon't call bfad_im_module_exit() if bfad_im_module_init() failed.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-53227" }, { "cve":"CVE-2024-56538", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: zynqmp_kms: Unplug DRM device before removal\n\nPrevent userspace accesses to the DRM device from causing\nuse-after-frees by unplugging the device before we remove it. This\ncauses any further userspace accesses to result in an error without\nfurther calls into this driver's internals.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56538" }, { "cve":"CVE-2024-56548", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don't query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56548" }, { "cve":"CVE-2024-56562", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()\n\nif (dev->boardinfo && dev->boardinfo->init_dyn_addr)\n ^^^ here check \"init_dyn_addr\"\n\ti3c_bus_set_addr_slot_status(&master->bus, dev->info.dyn_addr, ...)\n\t\t\t\t\t\t ^^^^\n\t\t\t\t\t\t\tfree \"dyn_addr\"\nFix copy/paste error \"dyn_addr\" by replacing it with \"init_dyn_addr\".", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56562" }, { "cve":"CVE-2024-56569", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix regression with module command in stack_trace_filter\n\nWhen executing the following command:\n\n # echo \"write*:mod:ext3\" > /sys/kernel/tracing/stack_trace_filter\n\nThe current mod command causes a null pointer dereference. While commit\n0f17976568b3f (\"ftrace: Fix regression with module command in stack_trace_filter\")\nhas addressed part of the issue, it left a corner case unhandled, which still\nresults in a kernel crash.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56569" }, { "cve":"CVE-2024-56570", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\novl: Filter invalid inodes with missing lookup function\n\nAdd a check to the ovl_dentry_weird() function to prevent the\nprocessing of directory inodes that lack the lookup function.\nThis is important because such inodes can cause errors in overlayfs\nwhen passed to the lowerstack.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.0, "vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56570" }, { "cve":"CVE-2024-56572", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal()\n\nThe buffer in the loop should be released under the exception path,\notherwise there may be a memory leak here.\n\nTo mitigate this, free the buffer when allegro_alloc_buffer fails.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56572" }, { "cve":"CVE-2024-56581", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: ref-verify: fix use-after-free after invalid ref action\n\nAt btrfs_ref_tree_mod() after we successfully inserted the new ref entry\n(local variable 'ref') into the respective block entry's rbtree (local\nvariable 'be'), if we find an unexpected action of BTRFS_DROP_DELAYED_REF,\nwe error out and free the ref entry without removing it from the block\nentry's rbtree. Then in the error path of btrfs_ref_tree_mod() we call\nbtrfs_free_ref_cache(), which iterates over all block entries and then\ncalls free_block_entry() for each one, and there we will trigger a\nuse-after-free when we are called against the block entry to which we\nadded the freed ref entry to its rbtree, since the rbtree still points\nto the block entry, as we didn't remove it from the rbtree before freeing\nit in the error path at btrfs_ref_tree_mod(). Fix this by removing the\nnew ref entry from the rbtree before freeing it.\n\nSyzbot report this with the following stack traces:\n\n BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_insert_empty_items+0x9c/0x1a0 fs/btrfs/ctree.c:4314\n btrfs_insert_empty_item fs/btrfs/ctree.h:669 [inline]\n btrfs_insert_orphan_item+0x1f1/0x320 fs/btrfs/orphan.c:23\n btrfs_orphan_add+0x6d/0x1a0 fs/btrfs/inode.c:3482\n btrfs_unlink+0x267/0x350 fs/btrfs/inode.c:4293\n vfs_unlink+0x365/0x650 fs/namei.c:4469\n do_unlinkat+0x4ae/0x830 fs/namei.c:4533\n __do_sys_unlinkat fs/namei.c:4576 [inline]\n __se_sys_unlinkat fs/namei.c:4569 [inline]\n __x64_sys_unlinkat+0xcc/0xf0 fs/namei.c:4569\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n BTRFS error (device loop0 state EA): Ref action 1, root 5, ref_root 5, parent 0, owner 260, offset 0, num_refs 1\n __btrfs_mod_ref+0x76b/0xac0 fs/btrfs/extent-tree.c:2521\n update_ref_for_cow+0x96a/0x11f0\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n btrfs_update_delayed_inode fs/btrfs/delayed-inode.c:1114 [inline]\n __btrfs_commit_inode_delayed_items+0x2318/0x24a0 fs/btrfs/delayed-inode.c:1137\n __btrfs_run_delayed_items+0x213/0x490 fs/btrfs/delayed-inode.c:1171\n btrfs_commit_transaction+0x8a8/0x3740 fs/btrfs/transaction.c:2313\n prepare_to_relocate+0x3c4/0x4c0 fs/btrfs/relocation.c:3586\n relocate_block_group+0x16c/0xd40 fs/btrfs/relocation.c:3611\n btrfs_relocate_block_group+0x77d/0xd90 fs/btrfs/relocation.c:4081\n btrfs_relocate_chunk+0x12c/0x3b0 fs/btrfs/volumes.c:3377\n __btrfs_balance+0x1b0f/0x26b0 fs/btrfs/volumes.c:4161\n btrfs_balance+0xbdc/0x10c0 fs/btrfs/volumes.c:4538\n BTRFS error (device loop0 state EA): Ref action 2, root 5, ref_root 0, parent 8564736, owner 0, offset 0, num_refs 18446744073709551615\n __btrfs_mod_ref+0x7dd/0xac0 fs/btrfs/extent-tree.c:2523\n update_ref_for_cow+0x9cd/0x11f0 fs/btrfs/ctree.c:512\n btrfs_force_cow_block+0x9f6/0x1da0 fs/btrfs/ctree.c:594\n btrfs_cow_block+0x35e/0xa40 fs/btrfs/ctree.c:754\n btrfs_search_slot+0xbdd/0x30d0 fs/btrfs/ctree.c:2116\n btrfs_lookup_inode+0xdc/0x480 fs/btrfs/inode-item.c:411\n __btrfs_update_delayed_inode+0x1e7/0xb90 fs/btrfs/delayed-inode.c:1030\n btrfs_update_delayed_i\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56581" }, { "cve":"CVE-2024-56583", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nsched/deadline: Fix warning in migrate_enable for boosted tasks\n\nWhen running the following command:\n\nwhile true; do\n stress-ng --cyclic 30 --timeout 30s --minimize --quiet\ndone\n\na warning is eventually triggered:\n\nWARNING: CPU: 43 PID: 2848 at kernel/sched/deadline.c:794\nsetup_new_dl_entity+0x13e/0x180\n...\nCall Trace:\n \n ? show_trace_log_lvl+0x1c4/0x2df\n ? enqueue_dl_entity+0x631/0x6e0\n ? setup_new_dl_entity+0x13e/0x180\n ? __warn+0x7e/0xd0\n ? report_bug+0x11a/0x1a0\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n enqueue_dl_entity+0x631/0x6e0\n enqueue_task_dl+0x7d/0x120\n __do_set_cpus_allowed+0xe3/0x280\n __set_cpus_allowed_ptr_locked+0x140/0x1d0\n __set_cpus_allowed_ptr+0x54/0xa0\n migrate_enable+0x7e/0x150\n rt_spin_unlock+0x1c/0x90\n group_send_sig_info+0xf7/0x1a0\n ? kill_pid_info+0x1f/0x1d0\n kill_pid_info+0x78/0x1d0\n kill_proc_info+0x5b/0x110\n __x64_sys_kill+0x93/0xc0\n do_syscall_64+0x5c/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n RIP: 0033:0x7f0dab31f92b\n\nThis warning occurs because set_cpus_allowed dequeues and enqueues tasks\nwith the ENQUEUE_RESTORE flag set. If the task is boosted, the warning\nis triggered. A boosted task already had its parameters set by\nrt_mutex_setprio, and a new call to setup_new_dl_entity is unnecessary,\nhence the WARN_ON call.\n\nCheck if we are requeueing a boosted task and avoid calling\nsetup_new_dl_entity if that's the case.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56583" }, { "cve":"CVE-2024-56584", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/tctx: work around xa_store() allocation error issue\n\nsyzbot triggered the following WARN_ON:\n\nWARNING: CPU: 0 PID: 16 at io_uring/tctx.c:51 __io_uring_free+0xfa/0x140 io_uring/tctx.c:51\n\nwhich is the\n\nWARN_ON_ONCE(!xa_empty(&tctx->xa));\n\nsanity check in __io_uring_free() when a io_uring_task is going through\nits final put. The syzbot test case includes injecting memory allocation\nfailures, and it very much looks like xa_store() can fail one of its\nmemory allocations and end up with ->head being non-NULL even though no\nentries exist in the xarray.\n\nUntil this issue gets sorted out, work around it by attempting to\niterate entries in our xarray, and WARN_ON_ONCE() if one is found.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56584" }, { "cve":"CVE-2024-56586", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode.\n\ncreating a large files during checkpoint disable until it runs out of\nspace and then delete it, then remount to enable checkpoint again, and\nthen unmount the filesystem triggers the f2fs_bug_on as below:\n\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/inode.c:896!\nCPU: 2 UID: 0 PID: 1286 Comm: umount Not tainted 6.11.0-rc7-dirty #360\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nRIP: 0010:f2fs_evict_inode+0x58c/0x610\nCall Trace:\n __die_body+0x15/0x60\n die+0x33/0x50\n do_trap+0x10a/0x120\n f2fs_evict_inode+0x58c/0x610\n do_error_trap+0x60/0x80\n f2fs_evict_inode+0x58c/0x610\n exc_invalid_op+0x53/0x60\n f2fs_evict_inode+0x58c/0x610\n asm_exc_invalid_op+0x16/0x20\n f2fs_evict_inode+0x58c/0x610\n evict+0x101/0x260\n dispose_list+0x30/0x50\n evict_inodes+0x140/0x190\n generic_shutdown_super+0x2f/0x150\n kill_block_super+0x11/0x40\n kill_f2fs_super+0x7d/0x140\n deactivate_locked_super+0x2a/0x70\n cleanup_mnt+0xb3/0x140\n task_work_run+0x61/0x90\n\nThe root cause is: creating large files during disable checkpoint\nperiod results in not enough free segments, so when writing back root\ninode will failed in f2fs_enable_checkpoint. When umount the file\nsystem after enabling checkpoint, the root inode is dirty in\nf2fs_evict_inode function, which triggers BUG_ON. The steps to\nreproduce are as follows:\n\ndd if=/dev/zero of=f2fs.img bs=1M count=55\nmount f2fs.img f2fs_dir -o checkpoint=disable:10%\ndd if=/dev/zero of=big bs=1M count=50\nsync\nrm big\nmount -o remount,checkpoint=enable f2fs_dir\numount f2fs_dir\n\nLet's redirty inode when there is not free segments during checkpoint\nis disable.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56586" }, { "cve":"CVE-2024-56589", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Add cond_resched() for no forced preemption model\n\nFor no forced preemption model kernel, in the scenario where the\nexpander is connected to 12 high performance SAS SSDs, the following\ncall trace may occur:\n\n[ 214.409199][ C240] watchdog: BUG: soft lockup - CPU#240 stuck for 22s! [irq/149-hisi_sa:3211]\n[ 214.568533][ C240] pstate: 60400009 (nZCv daif +PAN -UAO -TCO BTYPE=--)\n[ 214.575224][ C240] pc : fput_many+0x8c/0xdc\n[ 214.579480][ C240] lr : fput+0x1c/0xf0\n[ 214.583302][ C240] sp : ffff80002de2b900\n[ 214.587298][ C240] x29: ffff80002de2b900 x28: ffff1082aa412000\n[ 214.593291][ C240] x27: ffff3062a0348c08 x26: ffff80003a9f6000\n[ 214.599284][ C240] x25: ffff1062bbac5c40 x24: 0000000000001000\n[ 214.605277][ C240] x23: 000000000000000a x22: 0000000000000001\n[ 214.611270][ C240] x21: 0000000000001000 x20: 0000000000000000\n[ 214.617262][ C240] x19: ffff3062a41ae580 x18: 0000000000010000\n[ 214.623255][ C240] x17: 0000000000000001 x16: ffffdb3a6efe5fc0\n[ 214.629248][ C240] x15: ffffffffffffffff x14: 0000000003ffffff\n[ 214.635241][ C240] x13: 000000000000ffff x12: 000000000000029c\n[ 214.641234][ C240] x11: 0000000000000006 x10: ffff80003a9f7fd0\n[ 214.647226][ C240] x9 : ffffdb3a6f0482fc x8 : 0000000000000001\n[ 214.653219][ C240] x7 : 0000000000000002 x6 : 0000000000000080\n[ 214.659212][ C240] x5 : ffff55480ee9b000 x4 : fffffde7f94c6554\n[ 214.665205][ C240] x3 : 0000000000000002 x2 : 0000000000000020\n[ 214.671198][ C240] x1 : 0000000000000021 x0 : ffff3062a41ae5b8\n[ 214.677191][ C240] Call trace:\n[ 214.680320][ C240] fput_many+0x8c/0xdc\n[ 214.684230][ C240] fput+0x1c/0xf0\n[ 214.687707][ C240] aio_complete_rw+0xd8/0x1fc\n[ 214.692225][ C240] blkdev_bio_end_io+0x98/0x140\n[ 214.696917][ C240] bio_endio+0x160/0x1bc\n[ 214.701001][ C240] blk_update_request+0x1c8/0x3bc\n[ 214.705867][ C240] scsi_end_request+0x3c/0x1f0\n[ 214.710471][ C240] scsi_io_completion+0x7c/0x1a0\n[ 214.715249][ C240] scsi_finish_command+0x104/0x140\n[ 214.720200][ C240] scsi_softirq_done+0x90/0x180\n[ 214.724892][ C240] blk_mq_complete_request+0x5c/0x70\n[ 214.730016][ C240] scsi_mq_done+0x48/0xac\n[ 214.734194][ C240] sas_scsi_task_done+0xbc/0x16c [libsas]\n[ 214.739758][ C240] slot_complete_v3_hw+0x260/0x760 [hisi_sas_v3_hw]\n[ 214.746185][ C240] cq_thread_v3_hw+0xbc/0x190 [hisi_sas_v3_hw]\n[ 214.752179][ C240] irq_thread_fn+0x34/0xa4\n[ 214.756435][ C240] irq_thread+0xc4/0x130\n[ 214.760520][ C240] kthread+0x108/0x13c\n[ 214.764430][ C240] ret_from_fork+0x10/0x18\n\nThis is because in the hisi_sas driver, both the hardware interrupt\nhandler and the interrupt thread are executed on the same CPU. In the\nperformance test scenario, function irq_wait_for_interrupt() will always\nreturn 0 if lots of interrupts occurs and the CPU will be continuously\nconsumed. As a result, the CPU cannot run the watchdog thread. When the\nwatchdog time exceeds the specified time, call trace occurs.\n\nTo fix it, add cond_resched() to execute the watchdog thread.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56589" }, { "cve":"CVE-2024-56594", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: set the right AMDGPU sg segment limitation\n\nThe driver needs to set the correct max_segment_size;\notherwise debug_dma_map_sg() will complain about the\nover-mapping of the AMDGPU sg length as following:\n\nWARNING: CPU: 6 PID: 1964 at kernel/dma/debug.c:1178 debug_dma_map_sg+0x2dc/0x370\n[ 364.049444] Modules linked in: veth amdgpu(OE) amdxcp drm_exec gpu_sched drm_buddy drm_ttm_helper ttm(OE) drm_suballoc_helper drm_display_helper drm_kms_helper i2c_algo_bit rpcsec_gss_krb5 auth_rpcgss nfsv4 nfs lockd grace netfs xt_conntrack xt_MASQUERADE nf_conntrack_netlink xfrm_user xfrm_algo iptable_nat xt_addrtype iptable_filter br_netfilter nvme_fabrics overlay nfnetlink_cttimeout nfnetlink openvswitch nsh nf_conncount nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bridge stp llc amd_atl intel_rapl_msr intel_rapl_common sunrpc sch_fq_codel snd_hda_codec_realtek snd_hda_codec_generic snd_hda_scodec_component snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg edac_mce_amd binfmt_misc snd_hda_codec snd_pci_acp6x snd_hda_core snd_acp_config snd_hwdep snd_soc_acpi kvm_amd snd_pcm kvm snd_seq_midi snd_seq_midi_event crct10dif_pclmul ghash_clmulni_intel sha512_ssse3 snd_rawmidi sha256_ssse3 sha1_ssse3 aesni_intel snd_seq nls_iso8859_1 crypto_simd snd_seq_device cryptd snd_timer rapl input_leds snd\n[ 364.049532] ipmi_devintf wmi_bmof ccp serio_raw k10temp sp5100_tco soundcore ipmi_msghandler cm32181 industrialio mac_hid msr parport_pc ppdev lp parport drm efi_pstore ip_tables x_tables pci_stub crc32_pclmul nvme ahci libahci i2c_piix4 r8169 nvme_core i2c_designware_pci realtek i2c_ccgx_ucsi video wmi hid_generic cdc_ether usbnet usbhid hid r8152 mii\n[ 364.049576] CPU: 6 PID: 1964 Comm: rocminfo Tainted: G OE 6.10.0-custom #492\n[ 364.049579] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS RMJ1009A 06/13/2021\n[ 364.049582] RIP: 0010:debug_dma_map_sg+0x2dc/0x370\n[ 364.049585] Code: 89 4d b8 e8 36 b1 86 00 8b 4d b8 48 8b 55 b0 44 8b 45 a8 4c 8b 4d a0 48 89 c6 48 c7 c7 00 4b 74 bc 4c 89 4d b8 e8 b4 73 f3 ff <0f> 0b 4c 8b 4d b8 8b 15 c8 2c b8 01 85 d2 0f 85 ee fd ff ff 8b 05\n[ 364.049588] RSP: 0018:ffff9ca600b57ac0 EFLAGS: 00010286\n[ 364.049590] RAX: 0000000000000000 RBX: ffff88b7c132b0c8 RCX: 0000000000000027\n[ 364.049592] RDX: ffff88bb0f521688 RSI: 0000000000000001 RDI: ffff88bb0f521680\n[ 364.049594] RBP: ffff9ca600b57b20 R08: 000000000000006f R09: ffff9ca600b57930\n[ 364.049596] R10: ffff9ca600b57928 R11: ffffffffbcb46328 R12: 0000000000000000\n[ 364.049597] R13: 0000000000000001 R14: ffff88b7c19c0700 R15: ffff88b7c9059800\n[ 364.049599] FS: 00007fb2d3516e80(0000) GS:ffff88bb0f500000(0000) knlGS:0000000000000000\n[ 364.049601] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 364.049603] CR2: 000055610bd03598 CR3: 00000001049f6000 CR4: 0000000000350ef0\n[ 364.049605] Call Trace:\n[ 364.049607] \n[ 364.049609] ? show_regs+0x6d/0x80\n[ 364.049614] ? __warn+0x8c/0x140\n[ 364.049618] ? debug_dma_map_sg+0x2dc/0x370\n[ 364.049621] ? report_bug+0x193/0x1a0\n[ 364.049627] ? handle_bug+0x46/0x80\n[ 364.049631] ? exc_invalid_op+0x1d/0x80\n[ 364.049635] ? asm_exc_invalid_op+0x1f/0x30\n[ 364.049642] ? debug_dma_map_sg+0x2dc/0x370\n[ 364.049647] __dma_map_sg_attrs+0x90/0xe0\n[ 364.049651] dma_map_sgtable+0x25/0x40\n[ 364.049654] amdgpu_bo_move+0x59a/0x850 [amdgpu]\n[ 364.049935] ? srso_return_thunk+0x5/0x5f\n[ 364.049939] ? amdgpu_ttm_tt_populate+0x5d/0xc0 [amdgpu]\n[ 364.050095] ttm_bo_handle_move_mem+0xc3/0x180 [ttm]\n[ 364.050103] ttm_bo_validate+0xc1/0x160 [ttm]\n[ 364.050108] ? amdgpu_ttm_tt_get_user_pages+0xe5/0x1b0 [amdgpu]\n[ 364.050263] amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu+0xa12/0xc90 [amdgpu]\n[ 364.050473] kfd_ioctl_alloc_memory_of_gpu+0x16b/0x3b0 [amdgpu]\n[ 364.050680] kfd_ioctl+0x3c2/0x530 [amdgpu]\n[ 364.050866] ? __pfx_kfd_ioctl_alloc_memory_of_gpu+0x10/0x10 [amdgpu]\n[ 364.05105\n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56594" }, { "cve":"CVE-2024-56596", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in jfs_readdir\n\nThe stbl might contain some invalid values. Added a check to\nreturn error code in that case.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56596" }, { "cve":"CVE-2024-56598", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\njfs: array-index-out-of-bounds fix in dtReadFirst\n\nThe value of stbl can be sometimes out of bounds due\nto a bad filesystem. Added a check with appopriate return\nof error code in that case.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56598" }, { "cve":"CVE-2024-56604", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()\n\nbt_sock_alloc() attaches allocated sk object to the provided sock object.\nIf rfcomm_dlc_alloc() fails, we release the sk object, but leave the\ndangling pointer in the sock object, which may cause use-after-free.\n\nFix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56604" }, { "cve":"CVE-2024-56605", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56605" }, { "cve":"CVE-2024-56608", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create'\n\nAn issue was identified in the dcn21_link_encoder_create function where\nan out-of-bounds access could occur when the hpd_source index was used\nto reference the link_enc_hpd_regs array. This array has a fixed size\nand the index was not being checked against the array's bounds before\naccessing it.\n\nThis fix adds a conditional check to ensure that the hpd_source index is\nwithin the valid range of the link_enc_hpd_regs array. If the index is\nout of bounds, the function now returns NULL to prevent undefined\nbehavior.\n\nReferences:\n\n[ 65.920507] ------------[ cut here ]------------\n[ 65.920510] UBSAN: array-index-out-of-bounds in drivers/gpu/drm/amd/amdgpu/../display/dc/resource/dcn21/dcn21_resource.c:1312:29\n[ 65.920519] index 7 is out of range for type 'dcn10_link_enc_hpd_registers [5]'\n[ 65.920523] CPU: 3 PID: 1178 Comm: modprobe Tainted: G OE 6.8.0-cleanershaderfeatureresetasdntipmi200nv2132 #13\n[ 65.920525] Hardware name: AMD Majolica-RN/Majolica-RN, BIOS WMJ0429N_Weekly_20_04_2 04/29/2020\n[ 65.920527] Call Trace:\n[ 65.920529] \n[ 65.920532] dump_stack_lvl+0x48/0x70\n[ 65.920541] dump_stack+0x10/0x20\n[ 65.920543] __ubsan_handle_out_of_bounds+0xa2/0xe0\n[ 65.920549] dcn21_link_encoder_create+0xd9/0x140 [amdgpu]\n[ 65.921009] link_create+0x6d3/0xed0 [amdgpu]\n[ 65.921355] create_links+0x18a/0x4e0 [amdgpu]\n[ 65.921679] dc_create+0x360/0x720 [amdgpu]\n[ 65.921999] ? dmi_matches+0xa0/0x220\n[ 65.922004] amdgpu_dm_init+0x2b6/0x2c90 [amdgpu]\n[ 65.922342] ? console_unlock+0x77/0x120\n[ 65.922348] ? dev_printk_emit+0x86/0xb0\n[ 65.922354] dm_hw_init+0x15/0x40 [amdgpu]\n[ 65.922686] amdgpu_device_init+0x26a8/0x33a0 [amdgpu]\n[ 65.922921] amdgpu_driver_load_kms+0x1b/0xa0 [amdgpu]\n[ 65.923087] amdgpu_pci_probe+0x1b7/0x630 [amdgpu]\n[ 65.923087] local_pci_probe+0x4b/0xb0\n[ 65.923087] pci_device_probe+0xc8/0x280\n[ 65.923087] really_probe+0x187/0x300\n[ 65.923087] __driver_probe_device+0x85/0x130\n[ 65.923087] driver_probe_device+0x24/0x110\n[ 65.923087] __driver_attach+0xac/0x1d0\n[ 65.923087] ? __pfx___driver_attach+0x10/0x10\n[ 65.923087] bus_for_each_dev+0x7d/0xd0\n[ 65.923087] driver_attach+0x1e/0x30\n[ 65.923087] bus_add_driver+0xf2/0x200\n[ 65.923087] driver_register+0x64/0x130\n[ 65.923087] ? __pfx_amdgpu_init+0x10/0x10 [amdgpu]\n[ 65.923087] __pci_register_driver+0x61/0x70\n[ 65.923087] amdgpu_init+0x7d/0xff0 [amdgpu]\n[ 65.923087] do_one_initcall+0x49/0x310\n[ 65.923087] ? kmalloc_trace+0x136/0x360\n[ 65.923087] do_init_module+0x6a/0x270\n[ 65.923087] load_module+0x1fce/0x23a0\n[ 65.923087] init_module_from_file+0x9c/0xe0\n[ 65.923087] ? init_module_from_file+0x9c/0xe0\n[ 65.923087] idempotent_init_module+0x179/0x230\n[ 65.923087] __x64_sys_finit_module+0x5d/0xa0\n[ 65.923087] do_syscall_64+0x76/0x120\n[ 65.923087] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 65.923087] RIP: 0033:0x7f2d80f1e88d\n[ 65.923087] Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 73 b5 0f 00 f7 d8 64 89 01 48\n[ 65.923087] RSP: 002b:00007ffc7bc1aa78 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n[ 65.923087] RAX: ffffffffffffffda RBX: 0000564c9c1db130 RCX: 00007f2d80f1e88d\n[ 65.923087] RDX: 0000000000000000 RSI: 0000564c9c1e5480 RDI: 000000000000000f\n[ 65.923087] RBP: 0000000000040000 R08: 0000000000000000 R09: 0000000000000002\n[ 65.923087] R10: 000000000000000f R11: 0000000000000246 R12: 0000564c9c1e5480\n[ 65.923087] R13: 0000564c9c1db260 R14: 0000000000000000 R15: 0000564c9c1e54b0\n[ 65.923087] \n[ 65.923927] ---[ end trace ]---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.8, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56608" }, { "cve":"CVE-2024-56615", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: fix OOB devmap writes when deleting elements\n\nJordy reported issue against XSKMAP which also applies to DEVMAP - the\nindex used for accessing map entry, due to being a signed integer,\ncauses the OOB writes. Fix is simple as changing the type from int to\nu32, however, when compared to XSKMAP case, one more thing needs to be\naddressed.\n\nWhen map is released from system via dev_map_free(), we iterate through\nall of the entries and an iterator variable is also an int, which\nimplies OOB accesses. Again, change it to be u32.\n\nExample splat below:\n\n[ 160.724676] BUG: unable to handle page fault for address: ffffc8fc2c001000\n[ 160.731662] #PF: supervisor read access in kernel mode\n[ 160.736876] #PF: error_code(0x0000) - not-present page\n[ 160.742095] PGD 0 P4D 0\n[ 160.744678] Oops: Oops: 0000 [#1] PREEMPT SMP\n[ 160.749106] CPU: 1 UID: 0 PID: 520 Comm: kworker/u145:12 Not tainted 6.12.0-rc1+ #487\n[ 160.757050] Hardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[ 160.767642] Workqueue: events_unbound bpf_map_free_deferred\n[ 160.773308] RIP: 0010:dev_map_free+0x77/0x170\n[ 160.777735] Code: 00 e8 fd 91 ed ff e8 b8 73 ed ff 41 83 7d 18 19 74 6e 41 8b 45 24 49 8b bd f8 00 00 00 31 db 85 c0 74 48 48 63 c3 48 8d 04 c7 <48> 8b 28 48 85 ed 74 30 48 8b 7d 18 48 85 ff 74 05 e8 b3 52 fa ff\n[ 160.796777] RSP: 0018:ffffc9000ee1fe38 EFLAGS: 00010202\n[ 160.802086] RAX: ffffc8fc2c001000 RBX: 0000000080000000 RCX: 0000000000000024\n[ 160.809331] RDX: 0000000000000000 RSI: 0000000000000024 RDI: ffffc9002c001000\n[ 160.816576] RBP: 0000000000000000 R08: 0000000000000023 R09: 0000000000000001\n[ 160.823823] R10: 0000000000000001 R11: 00000000000ee6b2 R12: dead000000000122\n[ 160.831066] R13: ffff88810c928e00 R14: ffff8881002df405 R15: 0000000000000000\n[ 160.838310] FS: 0000000000000000(0000) GS:ffff8897e0c40000(0000) knlGS:0000000000000000\n[ 160.846528] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 160.852357] CR2: ffffc8fc2c001000 CR3: 0000000005c32006 CR4: 00000000007726f0\n[ 160.859604] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 160.866847] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 160.874092] PKRU: 55555554\n[ 160.876847] Call Trace:\n[ 160.879338] \n[ 160.881477] ? __die+0x20/0x60\n[ 160.884586] ? page_fault_oops+0x15a/0x450\n[ 160.888746] ? search_extable+0x22/0x30\n[ 160.892647] ? search_bpf_extables+0x5f/0x80\n[ 160.896988] ? exc_page_fault+0xa9/0x140\n[ 160.900973] ? asm_exc_page_fault+0x22/0x30\n[ 160.905232] ? dev_map_free+0x77/0x170\n[ 160.909043] ? dev_map_free+0x58/0x170\n[ 160.912857] bpf_map_free_deferred+0x51/0x90\n[ 160.917196] process_one_work+0x142/0x370\n[ 160.921272] worker_thread+0x29e/0x3b0\n[ 160.925082] ? rescuer_thread+0x4b0/0x4b0\n[ 160.929157] kthread+0xd4/0x110\n[ 160.932355] ? kthread_park+0x80/0x80\n[ 160.936079] ret_from_fork+0x2d/0x50\n[ 160.943396] ? kthread_park+0x80/0x80\n[ 160.950803] ret_from_fork_asm+0x11/0x20\n[ 160.958482] ", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56615" }, { "cve":"CVE-2024-56619", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()\n\nSyzbot reported that when searching for records in a directory where the\ninode's i_size is corrupted and has a large value, memory access outside\nthe folio/page range may occur, or a use-after-free bug may be detected if\nKASAN is enabled.\n\nThis is because nilfs_last_byte(), which is called by nilfs_find_entry()\nand others to calculate the number of valid bytes of directory data in a\npage from i_size and the page index, loses the upper 32 bits of the 64-bit\nsize information due to an inappropriate type of local variable to which\nthe i_size value is assigned.\n\nThis caused a large byte offset value due to underflow in the end address\ncalculation in the calling nilfs_find_entry(), resulting in memory access\nthat exceeds the folio/page size.\n\nFix this issue by changing the type of the local variable causing the bit\nloss from \"unsigned int\" to \"u64\". The return value of nilfs_last_byte()\nis also of type \"unsigned int\", but it is truncated so as not to exceed\nPAGE_SIZE and no bit loss occurs, so no change is required.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":8.0, "vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56619" }, { "cve":"CVE-2024-56627", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nksmbd: fix Out-of-Bounds Read in ksmbd_vfs_stream_read\n\nAn offset from client could be a negative value, It could lead\nto an out-of-bounds read from the stream_buf.\nNote that this issue is coming when setting\n'vfs objects = streams_xattr parameter' in ksmbd.conf.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56627" }, { "cve":"CVE-2024-56629", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nHID: wacom: fix when get product name maybe null pointer\n\nDue to incorrect dev->product reporting by certain devices, null\npointer dereferences occur when dev->product is empty, leading to\npotential system crashes.\n\nThis issue was found on EXCELSIOR DL37-D05 device with\nLoongson-LS3A6000-7A2000-DL37 motherboard.\n\nKernel logs:\n[ 56.470885] usb 4-3: new full-speed USB device number 4 using ohci-pci\n[ 56.671638] usb 4-3: string descriptor 0 read error: -22\n[ 56.671644] usb 4-3: New USB device found, idVendor=056a, idProduct=0374, bcdDevice= 1.07\n[ 56.671647] usb 4-3: New USB device strings: Mfr=1, Product=2, SerialNumber=3\n[ 56.678839] hid-generic 0003:056A:0374.0004: hiddev0,hidraw3: USB HID v1.10 Device [HID 056a:0374] on usb-0000:00:05.0-3/input0\n[ 56.697719] CPU 2 Unable to handle kernel paging request at virtual address 0000000000000000, era == 90000000066e35c8, ra == ffff800004f98a80\n[ 56.697732] Oops[#1]:\n[ 56.697734] CPU: 2 PID: 2742 Comm: (udev-worker) Tainted: G OE 6.6.0-loong64-desktop #25.00.2000.015\n[ 56.697737] Hardware name: Inspur CE520L2/C09901N000000000, BIOS 2.09.00 10/11/2024\n[ 56.697739] pc 90000000066e35c8 ra ffff800004f98a80 tp 9000000125478000 sp 900000012547b8a0\n[ 56.697741] a0 0000000000000000 a1 ffff800004818b28 a2 0000000000000000 a3 0000000000000000\n[ 56.697743] a4 900000012547b8f0 a5 0000000000000000 a6 0000000000000000 a7 0000000000000000\n[ 56.697745] t0 ffff800004818b2d t1 0000000000000000 t2 0000000000000003 t3 0000000000000005\n[ 56.697747] t4 0000000000000000 t5 0000000000000000 t6 0000000000000000 t7 0000000000000000\n[ 56.697748] t8 0000000000000000 u0 0000000000000000 s9 0000000000000000 s0 900000011aa48028\n[ 56.697750] s1 0000000000000000 s2 0000000000000000 s3 ffff800004818e80 s4 ffff800004810000\n[ 56.697751] s5 90000001000b98d0 s6 ffff800004811f88 s7 ffff800005470440 s8 0000000000000000\n[ 56.697753] ra: ffff800004f98a80 wacom_update_name+0xe0/0x300 [wacom]\n[ 56.697802] ERA: 90000000066e35c8 strstr+0x28/0x120\n[ 56.697806] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)\n[ 56.697816] PRMD: 0000000c (PPLV0 +PIE +PWE)\n[ 56.697821] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)\n[ 56.697827] ECFG: 00071c1d (LIE=0,2-4,10-12 VS=7)\n[ 56.697831] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0)\n[ 56.697835] BADV: 0000000000000000\n[ 56.697836] PRID: 0014d000 (Loongson-64bit, Loongson-3A6000)\n[ 56.697838] Modules linked in: wacom(+) bnep bluetooth rfkill qrtr nls_iso8859_1 nls_cp437 snd_hda_codec_conexant snd_hda_codec_generic ledtrig_audio snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore input_leds mousedev led_class joydev deepin_netmonitor(OE) fuse nfnetlink dmi_sysfs ip_tables x_tables overlay amdgpu amdxcp drm_exec gpu_sched drm_buddy radeon drm_suballoc_helper i2c_algo_bit drm_ttm_helper r8169 ttm drm_display_helper spi_loongson_pci xhci_pci cec xhci_pci_renesas spi_loongson_core hid_generic realtek gpio_loongson_64bit\n[ 56.697887] Process (udev-worker) (pid: 2742, threadinfo=00000000aee0d8b4, task=00000000a9eff1f3)\n[ 56.697890] Stack : 0000000000000000 ffff800004817e00 0000000000000000 0000251c00000000\n[ 56.697896] 0000000000000000 00000011fffffffd 0000000000000000 0000000000000000\n[ 56.697901] 0000000000000000 1b67a968695184b9 0000000000000000 90000001000b98d0\n[ 56.697906] 90000001000bb8d0 900000011aa48028 0000000000000000 ffff800004f9d74c\n[ 56.697911] 90000001000ba000 ffff800004f9ce58 0000000000000000 ffff800005470440\n[ 56.697916] ffff800004811f88 90000001000b98d0 9000000100da2aa8 90000001000bb8d0\n[ 56.697921] 0000000000000000 90000001000ba000 900000011aa48028 ffff800004f9d74c\n[ 56.697926] ffff8000054704e8 90000001000bb8b8 90000001000ba000 0000000000000000\n[ 56.697931] 90000001000bb8d0 \n---truncated---", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56629" }, { "cve":"CVE-2024-56672", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: Fix UAF in blkcg_unpin_online()\n\nblkcg_unpin_online() walks up the blkcg hierarchy putting the online pin. To\nwalk up, it uses blkcg_parent(blkcg) but it was calling that after\nblkcg_destroy_blkgs(blkcg) which could free the blkcg, leading to the\nfollowing UAF:\n\n ==================================================================\n BUG: KASAN: slab-use-after-free in blkcg_unpin_online+0x15a/0x270\n Read of size 8 at addr ffff8881057678c0 by task kworker/9:1/117\n\n CPU: 9 UID: 0 PID: 117 Comm: kworker/9:1 Not tainted 6.13.0-rc1-work-00182-gb8f52214c61a-dirty #48\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 02/02/2022\n Workqueue: cgwb_release cgwb_release_workfn\n Call Trace:\n \n dump_stack_lvl+0x27/0x80\n print_report+0x151/0x710\n kasan_report+0xc0/0x100\n blkcg_unpin_online+0x15a/0x270\n cgwb_release_workfn+0x194/0x480\n process_scheduled_works+0x71b/0xe20\n worker_thread+0x82a/0xbd0\n kthread+0x242/0x2c0\n ret_from_fork+0x33/0x70\n ret_from_fork_asm+0x1a/0x30\n \n ...\n Freed by task 1944:\n kasan_save_track+0x2b/0x70\n kasan_save_free_info+0x3c/0x50\n __kasan_slab_free+0x33/0x50\n kfree+0x10c/0x330\n css_free_rwork_fn+0xe6/0xb30\n process_scheduled_works+0x71b/0xe20\n worker_thread+0x82a/0xbd0\n kthread+0x242/0x2c0\n ret_from_fork+0x33/0x70\n ret_from_fork_asm+0x1a/0x30\n\nNote that the UAF is not easy to trigger as the free path is indirected\nbehind a couple RCU grace periods and a work item execution. I could only\ntrigger it with artifical msleep() injected in blkcg_unpin_online().\n\nFix it by reading the parent pointer before destroying the blkcg's blkg's.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"HIGH", "baseScore":7.0, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"High", "category":"impact" } ], "title":"CVE-2024-56672" }, { "cve":"CVE-2024-56681", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - add error check in the ahash_hmac_init function\n\nThe ahash_init functions may return fails. The ahash_hmac_init should\nnot return ok when ahash_init returns error. For an example, ahash_init\nwill return -ENOMEM when allocation memory is error.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56681" }, { "cve":"CVE-2024-56686", "notes":[ { "text":"Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56686" }, { "cve":"CVE-2024-56691", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device\n\nWhile design wise the idea of converting the driver to use\nthe hierarchy of the IRQ chips is correct, the implementation\nhas (inherited) flaws. This was unveiled when platform_get_irq()\nhad started WARN() on IRQ 0 that is supposed to be a Linux\nIRQ number (also known as vIRQ).\n\nRework the driver to respect IRQ domain when creating each MFD\ndevice separately, as the domain is not the same for all of them.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"LOW", "baseScore":3.9, "vectorString":"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Low", "category":"impact" } ], "title":"CVE-2024-56691" }, { "cve":"CVE-2024-56692", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: fix to do sanity check on node blkaddr in truncate_node()\n\nsyzbot reports a f2fs bug as below:\n\n------------[ cut here ]------------\nkernel BUG at fs/f2fs/segment.c:2534!\nRIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534\nCall Trace:\n truncate_node+0x1ae/0x8c0 fs/f2fs/node.c:909\n f2fs_remove_inode_page+0x5c2/0x870 fs/f2fs/node.c:1288\n f2fs_evict_inode+0x879/0x15c0 fs/f2fs/inode.c:856\n evict+0x4e8/0x9b0 fs/inode.c:723\n f2fs_handle_failed_inode+0x271/0x2e0 fs/f2fs/inode.c:986\n f2fs_create+0x357/0x530 fs/f2fs/namei.c:394\n lookup_open fs/namei.c:3595 [inline]\n open_last_lookups fs/namei.c:3694 [inline]\n path_openat+0x1c03/0x3590 fs/namei.c:3930\n do_filp_open+0x235/0x490 fs/namei.c:3960\n do_sys_openat2+0x13e/0x1d0 fs/open.c:1415\n do_sys_open fs/open.c:1430 [inline]\n __do_sys_openat fs/open.c:1446 [inline]\n __se_sys_openat fs/open.c:1441 [inline]\n __x64_sys_openat+0x247/0x2a0 fs/open.c:1441\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0010:f2fs_invalidate_blocks+0x35f/0x370 fs/f2fs/segment.c:2534\n\nThe root cause is: on a fuzzed image, blkaddr in nat entry may be\ncorrupted, then it will cause system panic when using it in\nf2fs_invalidate_blocks(), to avoid this, let's add sanity check on\nnat blkaddr in truncate_node().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56692" }, { "cve":"CVE-2024-56700", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: wl128x: Fix atomicity violation in fmc_send_cmd()\n\nAtomicity violation occurs when the fmc_send_cmd() function is executed\nsimultaneously with the modification of the fmdev->resp_skb value.\nConsider a scenario where, after passing the validity check within the\nfunction, a non-null fmdev->resp_skb variable is assigned a null value.\nThis results in an invalid fmdev->resp_skb variable passing the validity\ncheck. As seen in the later part of the function, skb = fmdev->resp_skb;\nwhen the invalid fmdev->resp_skb passes the check, a null pointer\ndereference error may occur at line 478, evt_hdr = (void *)skb->data;\n\nTo address this issue, it is recommended to include the validity check of\nfmdev->resp_skb within the locked section of the function. This\nmodification ensures that the value of fmdev->resp_skb does not change\nduring the validation process, thereby maintaining its validity.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by our team. This tool analyzes the locking APIs\nto extract function pairs that can be concurrently executed, and then\nanalyzes the instructions in the paired functions to identify possible\nconcurrency bugs including data races and atomicity violations.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56700" }, { "cve":"CVE-2024-56709", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check if iowq is killed before queuing\n\ntask work can be executed after the task has gone through io_uring\ntermination, whether it's the final task_work run or the fallback path.\nIn this case, task work will find ->io_wq being already killed and\nnull'ed, which is a problem if it then tries to forward the request to\nio_queue_iowq(). Make io_queue_iowq() fail requests in this case.\n\nNote that it also checks PF_KTHREAD, because the user can first close\na DEFER_TASKRUN ring and shortly after kill the task, in which case\n->iowq check would race.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56709" }, { "cve":"CVE-2024-56739", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nrtc: check if __rtc_read_time was successful in rtc_timer_do_work()\n\nIf the __rtc_read_time call fails,, the struct rtc_time tm; may contain\nuninitialized data, or an illegal date/time read from the RTC hardware.\n\nWhen calling rtc_tm_to_ktime later, the result may be a very large value\n(possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue,\nthey will continually expire, may causing kernel softlockup.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56739" }, { "cve":"CVE-2024-56741", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: test: Fix memory leak for aa_unpack_strdup()\n\nThe string allocated by kmemdup() in aa_unpack_strdup() is not\nfreed and cause following memory leaks, free them to fix it.\n\n\tunreferenced object 0xffffff80c6af8a50 (size 8):\n\t comm \"kunit_try_catch\", pid 225, jiffies 4294894407\n\t hex dump (first 8 bytes):\n\t 74 65 73 74 69 6e 67 00 testing.\n\t backtrace (crc 5eab668b):\n\t [<0000000001e3714d>] kmemleak_alloc+0x34/0x40\n\t [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0\n\t [<000000006870467c>] kmemdup_noprof+0x34/0x60\n\t [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c\n\t [<000000008ecde918>] policy_unpack_test_unpack_strdup_with_null_name+0xf8/0x3ec\n\t [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000adf936cf>] kthread+0x2e8/0x374\n\t [<0000000041bb1628>] ret_from_fork+0x10/0x20\n\tunreferenced object 0xffffff80c2a29090 (size 8):\n\t comm \"kunit_try_catch\", pid 227, jiffies 4294894409\n\t hex dump (first 8 bytes):\n\t 74 65 73 74 69 6e 67 00 testing.\n\t backtrace (crc 5eab668b):\n\t [<0000000001e3714d>] kmemleak_alloc+0x34/0x40\n\t [<000000006e6c7776>] __kmalloc_node_track_caller_noprof+0x300/0x3e0\n\t [<000000006870467c>] kmemdup_noprof+0x34/0x60\n\t [<000000001176bb03>] aa_unpack_strdup+0xd0/0x18c\n\t [<0000000046a45c1a>] policy_unpack_test_unpack_strdup_with_name+0xd0/0x3c4\n\t [<0000000032ef8f77>] kunit_try_run_case+0x13c/0x3ac\n\t [<00000000f3edea23>] kunit_generic_run_threadfn_adapter+0x80/0xec\n\t [<00000000adf936cf>] kthread+0x2e8/0x374\n\t [<0000000041bb1628>] ret_from_fork+0x10/0x20", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56741" }, { "cve":"CVE-2024-56747", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb()\n\nHook \"qedi_ops->common->sb_init = qed_sb_init\" does not release the DMA\nmemory sb_virt when it fails. Add dma_free_coherent() to free it. This\nis the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56747" }, { "cve":"CVE-2024-56748", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb()\n\nHook \"qed_ops->common->sb_init = qed_sb_init\" does not release the DMA\nmemory sb_virt when it fails. Add dma_free_coherent() to free it. This\nis the same way as qedr_alloc_mem_sb() and qede_alloc_mem_sb().", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56748" }, { "cve":"CVE-2024-56756", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-pci: fix freeing of the HMB descriptor table\n\nThe HMB descriptor table is sized to the maximum number of descriptors\nthat could be used for a given device, but __nvme_alloc_host_mem could\nbreak out of the loop earlier on memory allocation failure and end up\nusing less descriptors than planned for, which leads to an incorrect\nsize passed to dma_free_coherent.\n\nIn practice this was not showing up because the number of descriptors\ntends to be low and the dma coherent allocator always allocates and\nfrees at least a page.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56756" }, { "cve":"CVE-2024-56763", "notes":[ { "text":"In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Prevent bad count for tracing_cpumask_write\n\nIf a large count is provided, it will trigger a warning in bitmap_parse_user.\nAlso check zero for it.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] }, "remediations":[ { "product_ids":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ], "details":"kernel security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-1033" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.5, "vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version":"3.1" }, "products":[ "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.aarch64", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.src", "openEuler-22.03-LTS-SP3:kernel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-debugsource-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-headers-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-source-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:kernel-tools-devel-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-5.10.0-245.0.0.147.oe2203sp3.x86_64", "openEuler-22.03-LTS-SP3:python3-perf-debuginfo-5.10.0-245.0.0.147.oe2203sp3.x86_64" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2024-56763" } ] }